Skip to main content

Global Protect App

1 CVEs product

Monthly

CVE-2026-0251 MEDIUM PATCH This Month

Local privilege escalation vulnerabilities in Palo Alto Networks GlobalProtect App on Windows, macOS, and Linux allow a low-privileged local user to elevate to NT AUTHORITY\SYSTEM (Windows) or root (macOS/Linux), enabling full OS-level command execution. The root cause is CWE-426 (Untrusted Search Path), where the application resolves executables or libraries from attacker-controllable locations. No public exploit has been identified and CISA SSVC confirms exploitation status as none; however, SSVC rates technical impact as total, reflecting the complete privilege gain achievable upon successful exploitation.

Privilege Escalation Google Apple Microsoft Paloalto +2
NVD VulDB
CVSS 4.0
5.9
EPSS
0.0%
EPSS 0% CVSS 5.9
MEDIUM PATCH This Month

Local privilege escalation vulnerabilities in Palo Alto Networks GlobalProtect App on Windows, macOS, and Linux allow a low-privileged local user to elevate to NT AUTHORITY\SYSTEM (Windows) or root (macOS/Linux), enabling full OS-level command execution. The root cause is CWE-426 (Untrusted Search Path), where the application resolves executables or libraries from attacker-controllable locations. No public exploit has been identified and CISA SSVC confirms exploitation status as none; however, SSVC rates technical impact as total, reflecting the complete privilege gain achievable upon successful exploitation.

Privilege Escalation Google Apple +4
NVD VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy