A vulnerability with a privilege management mechanism in the Palo Alto Networks GlobalProtect™ app on Windows devices allows a locally authenticated non-administrative Windows user to escalate their privileges to NT AUTHORITY\SYSTEM. However, execution requires that the local user can also successfully exploit a race condition, which makes this vulnerability difficult to exploit.
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:U/V:C/RE:M/U:AmberPalo Alto Networks Globalprotect
APPPaloaltonetworks6.0.0 – 6.0.12 (bez)6.1.0 – 6.2.7-1077 (bez)6.3.0 – 6.3.3 (bez)
Related vulnerabilities
An improper neutralization of wildcards vulnerability in the log collection feature of Palo Alto Networks Glob...
An insufficient certification validation issue in the Palo Alto Networks GlobalProtect app enables attackers t...
DHCP can add routes to a client’s routing table via the classless static route option (121). VPN-based securit...
A local privilege escalation (PE) vulnerability in the Palo Alto Networks GlobalProtect app on Windows enables...
An improper link resolution before file access ('link following') vulnerability exists in the Palo Alto Networ...