0
CRITICAL
0
HIGH
1
MEDIUM
0
LOW
0
POC
0
KEV
Monthly
A vulnerability in the Palo Alto Networks GlobalProtect app on Windows allows a remote attacker to run ActiveX controls within the context of an authenticated Windows user. Rated medium severity (CVSS 6.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Microsoft
Information Disclosure
Paloalto
Globalprotect
Windows
NVD
CVSS 4.0
6.0
EPSS
0.3%
CVE-2025-0118
EPSS 0%
CVSS 6.0
MEDIUM
This Month
A vulnerability in the Palo Alto Networks GlobalProtect app on Windows allows a remote attacker to run ActiveX controls within the context of an authenticated Windows user. Rated medium severity (CVSS 6.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Microsoft
Information Disclosure
Paloalto
+2
NVD