Unrated severityNVD Advisory· Published Jun 12, 2025· Updated Feb 26, 2026
GlobalProtect: Authenticated Code Injection Through Wildcard on macOS
CVE-2025-4232
Description
An improper neutralization of wildcards vulnerability in the log collection feature of Palo Alto Networks GlobalProtect™ app on macOS allows a non administrative user to escalate their privileges to root.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.2:*:*:*:*:macOS:*:*+ 2 more
- cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.2:*:*:*:*:macOS:*:*range: 6.3
- cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.2:*:*:*:*:Windows:*:*range: All
- (no CPE)
Patches
Vulnerability mechanics
References
1- security.paloaltonetworks.com/CVE-2025-4232mitrevendor-advisory
News mentions
0No linked articles in our index yet.