VYPR
Unrated severityNVD Advisory· Published Jun 12, 2025· Updated Feb 26, 2026

GlobalProtect: Authenticated Code Injection Through Wildcard on macOS

CVE-2025-4232

Description

An improper neutralization of wildcards vulnerability in the log collection feature of Palo Alto Networks GlobalProtect™ app on macOS allows a non administrative user to escalate their privileges to root.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

3
  • Paloaltonetworks/Globalprotectcpe-rescue3 versions
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.2:*:*:*:*:macOS:*:*+ 2 more
    • cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.2:*:*:*:*:macOS:*:*range: 6.3
    • cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.2:*:*:*:*:Windows:*:*range: All
    • (no CPE)

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.