Skip to main content

Globalprotect CVE-2024-2431

MEDIUM
Improper Privilege Management (CWE-269)
2024-03-13 psirt@paloaltonetworks.com
5.5
CVSS 3.1 · Vendor: paloaltonetworks
Share

Severity by source

Vendor (paloaltonetworks) PRIMARY
5.5 MEDIUM
AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Primary rating from Vendor (paloaltonetworks) · only source for this CVE.

CVSS VectorVendor: paloaltonetworks

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High

Lifecycle Timeline

1
CVE Published
Mar 13, 2024 - 18:15 cve.org
MEDIUM 5.5

DescriptionCVE.org

An issue in the Palo Alto Networks GlobalProtect app enables a non-privileged user to disable the GlobalProtect app in configurations that allow a user to disable GlobalProtect with a passcode.

AnalysisAI

An issue in the Palo Alto Networks GlobalProtect app enables a non-privileged user to disable the GlobalProtect app in configurations that allow a user to disable GlobalProtect with a passcode. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Technical ContextAI

This vulnerability is classified as Improper Privilege Management (CWE-269), which allows attackers to escalate privileges to gain unauthorized elevated access. An issue in the Palo Alto Networks GlobalProtect app enables a non-privileged user to disable the GlobalProtect app in configurations that allow a user to disable GlobalProtect with a passcode. Affected products include: Paloaltonetworks Globalprotect.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply principle of least privilege, validate privilege transitions, implement proper role separation.

CVE-2024-3661 HIGH POC
7.6 May 06

DHCP can add routes to a client’s routing table via the classless static route option (121). Rated high severity (CVSS 7

CVE-2024-5921 HIGH POC
7.1 Nov 27

An insufficient certification validation issue in the Palo Alto Networks GlobalProtect app enables attackers to connect

CVE-2025-4232 HIGH
8.8 Jun 13

CVE-2025-4232 is an improper neutralization of wildcards vulnerability in Palo Alto Networks GlobalProtect app for macOS

CVE-2021-3057 HIGH
8.1 Oct 13

A stack-based buffer overflow vulnerability exists in the Palo Alto Networks GlobalProtect app that enables a man-in-the

CVE-2023-0009 HIGH
7.8 Jun 14

A local privilege escalation (PE) vulnerability in the Palo Alto Networks GlobalProtect app on Windows enables a local u

CVE-2020-1989 HIGH
7.8 Apr 08

An incorrect privilege assignment vulnerability when writing application-specific files in the Palo Alto Networks Global

CVE-2025-0120 HIGH
7.1 Apr 11

A vulnerability with a privilege management mechanism in the Palo Alto Networks GlobalProtect™ app on Windows devices al

CVE-2019-17436 HIGH
7.1 Oct 16

A Local Privilege Escalation vulnerability exists in GlobalProtect Agent for Linux and Mac OS X version 5.0.4 and earlie

CVE-2024-2432 HIGH
7.0 Mar 13

A privilege escalation (PE) vulnerability in the Palo Alto Networks GlobalProtect app on Windows devices enables a local

CVE-2020-2032 HIGH
7.0 Jun 10

A race condition vulnerability Palo Alto Networks GlobalProtect app on Windows allows a local limited Windows user to ex

CVE-2024-8687 MEDIUM
6.9 Sep 11

An information exposure vulnerability exists in Palo Alto Networks PAN-OS software that enables a GlobalProtect end user

CVE-2017-15870 MEDIUM
6.7 Dec 11

Palo Alto Networks GlobalProtect Agent before 4.0.3 allows attackers with administration rights on the local station to

Share

CVE-2024-2431 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy