Paloaltonetworks

Globalprotect

37 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
3.5

CVE-2025-4227

  • EPSS 0.01%
  • Veröffentlicht 13.06.2025 05:50:52
  • Zuletzt bearbeitet 27.06.2025 16:49:37

An improper access control vulnerability in the Endpoint Traffic Policy Enforcement https://docs.paloaltonetworks.com/globalprotect/6-0/globalprotect-app-new-features/new-features-released-in-gp-app/endpoint-traffic-policy-enforcement feature of th...

8.8

CVE-2025-4232

  • EPSS 0.05%
  • Veröffentlicht 12.06.2025 23:22:34
  • Zuletzt bearbeitet 27.06.2025 16:47:32

An improper neutralization of wildcards vulnerability in the log collection feature of Palo Alto Networks GlobalProtect™ app on macOS allows a non administrative user to escalate their privileges to root.

3.3

CVE-2025-0135

  • EPSS 0.02%
  • Veröffentlicht 14.05.2025 18:08:32
  • Zuletzt bearbeitet 27.06.2025 16:50:37

An incorrect privilege assignment vulnerability in the Palo Alto Networks GlobalProtect™ App on macOS devices enables a locally authenticated non administrative user to disable the app. The GlobalProtect app on Windows, Linux, iOS, Android, Chrome O...

7.1

CVE-2025-0131

  • EPSS 0.01%
  • Veröffentlicht 14.05.2025 18:06:45
  • Zuletzt bearbeitet 16.05.2025 14:43:56

An incorrect privilege management vulnerability in the OPSWAT MetaDefender Endpoint Security SDK used by the Palo Alto Networks GlobalProtect™ app on Windows devices allows a locally authenticated non-administrative Windows user to escalate their pri...

8.3

CVE-2025-0126

Medienbericht
  • EPSS 0.06%
  • Veröffentlicht 11.04.2025 02:15:18
  • Zuletzt bearbeitet 11.04.2025 15:39:52

When configured using SAML, a session fixation vulnerability in the GlobalProtect™ login enables an attacker to impersonate a legitimate authorized user and perform actions as that GlobalProtect user. This requires the legitimate user to first click ...

7

CVE-2025-0120

Medienbericht
  • EPSS 0.02%
  • Veröffentlicht 11.04.2025 02:15:18
  • Zuletzt bearbeitet 27.06.2025 16:51:19

A vulnerability with a privilege management mechanism in the Palo Alto Networks GlobalProtect™ app on Windows devices allows a locally authenticated non-administrative Windows user to escalate their privileges to NT AUTHORITY\SYSTEM. However, executi...

8

CVE-2025-0118

  • EPSS 0.14%
  • Veröffentlicht 12.03.2025 18:36:44
  • Zuletzt bearbeitet 27.06.2025 16:52:34

A vulnerability in the Palo Alto Networks GlobalProtect app on Windows allows a remote attacker to run ActiveX controls within the context of an authenticated Windows user. This enables the attacker to run commands as if they are a legitimate authent...

7.5

CVE-2025-0114

  • EPSS 0.04%
  • Veröffentlicht 12.03.2025 18:20:05
  • Zuletzt bearbeitet 22.10.2025 19:23:43

A Denial of Service (DoS) vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS software enables an unauthenticated attacker to render the service unavailable by sending a large number of specially crafted packets over a period of t...

8.8

CVE-2024-5921

Exploit
  • EPSS 0.07%
  • Veröffentlicht 27.11.2024 04:15:14
  • Zuletzt bearbeitet 27.06.2025 16:55:15

An insufficient certification validation issue in the Palo Alto Networks GlobalProtect app enables attackers to connect the GlobalProtect app to arbitrary servers. This can enable a local non-administrative operating system user or an attacker on the...

7.8

CVE-2024-9473

  • EPSS 0.24%
  • Veröffentlicht 09.10.2024 17:15:21
  • Zuletzt bearbeitet 21.11.2024 09:54:26

A privilege escalation vulnerability in the Palo Alto Networks GlobalProtect app on Windows allows a locally authenticated non-administrative Windows user to escalate their privileges to NT AUTHORITY/SYSTEM through the use of the repair functionality...