Globalprotect
CVEs (45)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-0257 | Cri | 0.76 | 9.1 | 0.87 | KEV | May 13, 2026 | Authentication bypass vulnerabilities in the GlobalProtect portal and gateway of Palo Alto Networks PAN-OS® software allows the attacker to bypass security restrictions and establish an unauthorized VPN connection. Panorama and Cloud NGFW are not impacted by these issues. | |
| CVE-2025-0141 | Hig | 0.55 | — | 0.00 | Jul 9, 2025 | An incorrect privilege assignment vulnerability in the Palo Alto Networks GlobalProtect™ App on enables a locally authenticated non administrative user to escalate their privileges to root on macOS and Linux or NT AUTHORITY\SYSTEM on Windows. The GlobalProtect app on iOS,… | ||
| CVE-2025-0126 | Hig | 0.54 | — | 0.00 | Apr 11, 2025 | When configured using SAML, a session fixation vulnerability in the GlobalProtect™ login enables an attacker to impersonate a legitimate authorized user and perform actions as that GlobalProtect user. This requires the legitimate user to first click on a malicious link… | ||
| CVE-2025-0131 | Hig | 0.46 | — | 0.00 | May 14, 2025 | An incorrect privilege management vulnerability in the OPSWAT MetaDefender Endpoint Security SDK used by the Palo Alto Networks GlobalProtect™ app on Windows devices allows a locally authenticated non-administrative Windows user to escalate their privileges to NT… | ||
| CVE-2025-0117 | Hig | 0.46 | — | 0.00 | Mar 12, 2025 | A reliance on untrusted input for a security decision in the GlobalProtect app on Windows devices potentially enables a locally authenticated non-administrative Windows user to escalate their privileges to NT AUTHORITY\SYSTEM. GlobalProtect App on macOS, Linux, iOS, Android,… | ||
| CVE-2025-2179 | Med | 0.44 | — | 0.00 | Jul 29, 2025 | An incorrect privilege assignment vulnerability in the Palo Alto Networks GlobalProtect™ App on Linux devices enables a locally authenticated non administrative user to disable the app even if the GlobalProtect app configuration would not normally permit them to do so. The… | ||
| CVE-2025-0140 | Med | 0.44 | — | 0.00 | Jul 9, 2025 | An incorrect privilege assignment vulnerability in the Palo Alto Networks GlobalProtect™ App on macOS devices enables a locally authenticated non administrative user to disable the app even if the GlobalProtect app configuration would not normally permit them to do so. The… | ||
| CVE-2017-15870 | Med | 0.44 | 6.7 | 0.00 | Dec 11, 2017 | Palo Alto Networks GlobalProtect Agent before 4.0.3 allows attackers with administration rights on the local station to gain SYSTEM privileges via vectors involving "image path execution hijacking." | ||
| CVE-2026-0251 | Med | 0.38 | — | 0.00 | May 13, 2026 | Multiple local privilege escalation vulnerabilities in the Palo Alto Networks GlobalProtect™ app allow a local user to escalate their privileges to NT AUTHORITY\SYSTEM on Windows and root on macOS and Linux. This enables a non-administrative user to execute arbitrary commands… | ||
| CVE-2026-0250 | Med | 0.34 | — | 0.00 | May 13, 2026 | A buffer overflow vulnerability exists in the Palo Alto Networks GlobalProtect™ app that enables a man in the middle attacker to disrupt system processes and potentially execute arbitrary code with SYSTEM privileges. This vulnerability is triggered during the processing of… | ||
| CVE-2025-2183 | Med | 0.34 | — | 0.00 | Aug 13, 2025 | An insufficient certificate validation issue in the Palo Alto Networks GlobalProtect™ app enables attackers to connect the GlobalProtect app to arbitrary servers. This can enable a local non-administrative operating system user or an attacker on the same subnet to install… | ||
| CVE-2026-0249 | Med | 0.32 | — | 0.00 | May 13, 2026 | Multiple improper certificate validation vulnerabilities in the Palo Alto Networks GlobalProtect™ app enables an attacker to intercept encrypted communications and potentially compromise the endpoint. This can enable a local non-administrative operating system user or an… | ||
| CVE-2026-0267 | Med | 0.29 | — | 0.00 | Jun 10, 2026 | An information exposure vulnerability in the Palo Alto Networks GlobalProtect app on macOS enables a local user to learn the configured passcodes for disabling, disconnecting, or uninstalling the GlobalProtect app. After the passcode is known, the user can perform these actions… | ||
| CVE-2025-0133 | Low | 0.18 | — | 0.44 | May 14, 2025 | A reflected cross-site scripting (XSS) vulnerability in the GlobalProtect™ gateway and portal features of Palo Alto Networks PAN-OS® software enables execution of malicious JavaScript in the context of an authenticated Captive Portal user's browser when they click on a… | ||
| CVE-2021-3064 | 0.05 | — | 0.19 | Nov 10, 2021 | A memory corruption vulnerability exists in Palo Alto Networks GlobalProtect portal and gateway interfaces that enables an unauthenticated network-based attacker to disrupt system processes and potentially execute arbitrary code with root privileges. The attacker must have… | |||
| CVE-2025-4227 | 0.00 | — | 0.00 | Jun 13, 2025 | An improper access control vulnerability in the Endpoint Traffic Policy Enforcement https://docs.paloaltonetworks.com/globalprotect/6-0/globalprotect-app-new-features/new-features-released-in-gp-app/endpoint-traffic-policy-enforcement feature of the Palo Alto Networks… | |||
| CVE-2025-4232 | 0.00 | — | 0.00 | Jun 12, 2025 | An improper neutralization of wildcards vulnerability in the log collection feature of Palo Alto Networks GlobalProtect™ app on macOS allows a non administrative user to escalate their privileges to root. | |||
| CVE-2025-0135 | 0.00 | — | 0.00 | May 14, 2025 | An incorrect privilege assignment vulnerability in the Palo Alto Networks GlobalProtect™ App on macOS devices enables a locally authenticated non administrative user to disable the app. The GlobalProtect app on Windows, Linux, iOS, Android, Chrome OS and GlobalProtect UWP app… | |||
| CVE-2025-0120 | 0.00 | — | 0.00 | Apr 11, 2025 | A vulnerability with a privilege management mechanism in the Palo Alto Networks GlobalProtect™ app on Windows devices allows a locally authenticated non-administrative Windows user to escalate their privileges to NT AUTHORITY\SYSTEM. However, execution requires that the local… | |||
| CVE-2025-0118 | 0.00 | — | 0.00 | Mar 12, 2025 | A vulnerability in the Palo Alto Networks GlobalProtect app on Windows allows a remote attacker to run ActiveX controls within the context of an authenticated Windows user. This enables the attacker to run commands as if they are a legitimate authenticated user. However, to… |
- risk 0.76cvss 9.1epss 0.87
Authentication bypass vulnerabilities in the GlobalProtect portal and gateway of Palo Alto Networks PAN-OS® software allows the attacker to bypass security restrictions and establish an unauthorized VPN connection. Panorama and Cloud NGFW are not impacted by these issues.
- risk 0.55cvss —epss 0.00
An incorrect privilege assignment vulnerability in the Palo Alto Networks GlobalProtect™ App on enables a locally authenticated non administrative user to escalate their privileges to root on macOS and Linux or NT AUTHORITY\SYSTEM on Windows. The GlobalProtect app on iOS,…
- risk 0.54cvss —epss 0.00
When configured using SAML, a session fixation vulnerability in the GlobalProtect™ login enables an attacker to impersonate a legitimate authorized user and perform actions as that GlobalProtect user. This requires the legitimate user to first click on a malicious link…
- risk 0.46cvss —epss 0.00
An incorrect privilege management vulnerability in the OPSWAT MetaDefender Endpoint Security SDK used by the Palo Alto Networks GlobalProtect™ app on Windows devices allows a locally authenticated non-administrative Windows user to escalate their privileges to NT…
- risk 0.46cvss —epss 0.00
A reliance on untrusted input for a security decision in the GlobalProtect app on Windows devices potentially enables a locally authenticated non-administrative Windows user to escalate their privileges to NT AUTHORITY\SYSTEM. GlobalProtect App on macOS, Linux, iOS, Android,…
- risk 0.44cvss —epss 0.00
An incorrect privilege assignment vulnerability in the Palo Alto Networks GlobalProtect™ App on Linux devices enables a locally authenticated non administrative user to disable the app even if the GlobalProtect app configuration would not normally permit them to do so. The…
- risk 0.44cvss —epss 0.00
An incorrect privilege assignment vulnerability in the Palo Alto Networks GlobalProtect™ App on macOS devices enables a locally authenticated non administrative user to disable the app even if the GlobalProtect app configuration would not normally permit them to do so. The…
- risk 0.44cvss 6.7epss 0.00
Palo Alto Networks GlobalProtect Agent before 4.0.3 allows attackers with administration rights on the local station to gain SYSTEM privileges via vectors involving "image path execution hijacking."
- risk 0.38cvss —epss 0.00
Multiple local privilege escalation vulnerabilities in the Palo Alto Networks GlobalProtect™ app allow a local user to escalate their privileges to NT AUTHORITY\SYSTEM on Windows and root on macOS and Linux. This enables a non-administrative user to execute arbitrary commands…
- risk 0.34cvss —epss 0.00
A buffer overflow vulnerability exists in the Palo Alto Networks GlobalProtect™ app that enables a man in the middle attacker to disrupt system processes and potentially execute arbitrary code with SYSTEM privileges. This vulnerability is triggered during the processing of…
- risk 0.34cvss —epss 0.00
An insufficient certificate validation issue in the Palo Alto Networks GlobalProtect™ app enables attackers to connect the GlobalProtect app to arbitrary servers. This can enable a local non-administrative operating system user or an attacker on the same subnet to install…
- risk 0.32cvss —epss 0.00
Multiple improper certificate validation vulnerabilities in the Palo Alto Networks GlobalProtect™ app enables an attacker to intercept encrypted communications and potentially compromise the endpoint. This can enable a local non-administrative operating system user or an…
- risk 0.29cvss —epss 0.00
An information exposure vulnerability in the Palo Alto Networks GlobalProtect app on macOS enables a local user to learn the configured passcodes for disabling, disconnecting, or uninstalling the GlobalProtect app. After the passcode is known, the user can perform these actions…
- risk 0.18cvss —epss 0.44
A reflected cross-site scripting (XSS) vulnerability in the GlobalProtect™ gateway and portal features of Palo Alto Networks PAN-OS® software enables execution of malicious JavaScript in the context of an authenticated Captive Portal user's browser when they click on a…
- CVE-2021-3064Nov 10, 2021risk 0.05cvss —epss 0.19
A memory corruption vulnerability exists in Palo Alto Networks GlobalProtect portal and gateway interfaces that enables an unauthenticated network-based attacker to disrupt system processes and potentially execute arbitrary code with root privileges. The attacker must have…
- CVE-2025-4227Jun 13, 2025risk 0.00cvss —epss 0.00
An improper access control vulnerability in the Endpoint Traffic Policy Enforcement https://docs.paloaltonetworks.com/globalprotect/6-0/globalprotect-app-new-features/new-features-released-in-gp-app/endpoint-traffic-policy-enforcement feature of the Palo Alto Networks…
- CVE-2025-4232Jun 12, 2025risk 0.00cvss —epss 0.00
An improper neutralization of wildcards vulnerability in the log collection feature of Palo Alto Networks GlobalProtect™ app on macOS allows a non administrative user to escalate their privileges to root.
- CVE-2025-0135May 14, 2025risk 0.00cvss —epss 0.00
An incorrect privilege assignment vulnerability in the Palo Alto Networks GlobalProtect™ App on macOS devices enables a locally authenticated non administrative user to disable the app. The GlobalProtect app on Windows, Linux, iOS, Android, Chrome OS and GlobalProtect UWP app…
- CVE-2025-0120Apr 11, 2025risk 0.00cvss —epss 0.00
A vulnerability with a privilege management mechanism in the Palo Alto Networks GlobalProtect™ app on Windows devices allows a locally authenticated non-administrative Windows user to escalate their privileges to NT AUTHORITY\SYSTEM. However, execution requires that the local…
- CVE-2025-0118Mar 12, 2025risk 0.00cvss —epss 0.00
A vulnerability in the Palo Alto Networks GlobalProtect app on Windows allows a remote attacker to run ActiveX controls within the context of an authenticated Windows user. This enables the attacker to run commands as if they are a legitimate authenticated user. However, to…
Page 1 of 3