Skip to main content

Globalprotect

28 CVEs product

Monthly

CVE-2025-4232 HIGH PATCH This Week

CVE-2025-4232 is an improper neutralization of wildcards vulnerability in Palo Alto Networks GlobalProtect app for macOS that allows non-administrative users to escalate privileges to root through the log collection feature. With a CVSS score of 8.8 and requiring only low complexity remote network access with low privileges, this vulnerability presents a critical privilege escalation risk. The attack requires user interaction only at the network level (not UI) and affects the confidentiality, integrity, and availability of affected systems.

Paloalto Globalprotect macOS Privilege Escalation
NVD
CVSS 3.1
8.8
EPSS
0.1%
CVE-2025-0135 MEDIUM This Month

An incorrect privilege assignment vulnerability in the Palo Alto Networks GlobalProtect™ App on macOS devices enables a locally authenticated non administrative user to disable the app. Rated medium severity (CVSS 5.2), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Apple Paloalto Google Microsoft +5
NVD
CVSS 4.0
5.2
EPSS
0.2%
CVE-2025-0120 HIGH This Week

A vulnerability with a privilege management mechanism in the Palo Alto Networks GlobalProtect™ app on Windows devices allows a locally authenticated non-administrative Windows user to escalate their. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Paloalto Privilege Escalation Globalprotect Windows
NVD
CVSS 4.0
7.1
EPSS
0.1%
CVE-2025-0118 MEDIUM This Month

A vulnerability in the Palo Alto Networks GlobalProtect app on Windows allows a remote attacker to run ActiveX controls within the context of an authenticated Windows user. Rated medium severity (CVSS 6.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Microsoft Information Disclosure Paloalto Globalprotect Windows
NVD
CVSS 4.0
6.0
EPSS
0.3%
CVE-2024-5921 HIGH POC This Week

An insufficient certification validation issue in the Palo Alto Networks GlobalProtect app enables attackers to connect the GlobalProtect app to arbitrary servers. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Paloalto Information Disclosure Globalprotect
NVD GitHub
CVSS 4.0
7.1
EPSS
1.5%
CVE-2024-9473 MEDIUM This Month

A privilege escalation vulnerability in the Palo Alto Networks GlobalProtect app on Windows allows a locally authenticated non-administrative Windows user to escalate their privileges to NT. Rated medium severity (CVSS 5.2), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Paloalto Microsoft Globalprotect
NVD
CVSS 4.0
5.2
EPSS
0.3%
CVE-2024-8687 MEDIUM This Month

An information exposure vulnerability exists in Palo Alto Networks PAN-OS software that enables a GlobalProtect end user to learn both the configured GlobalProtect uninstall password and the. Rated medium severity (CVSS 6.9), this vulnerability is low attack complexity. No vendor patch available.

Paloalto Information Disclosure Pan Os Globalprotect Prisma Access
NVD
CVSS 4.0
6.9
EPSS
0.4%
CVE-2024-5915 MEDIUM This Month

A privilege escalation (PE) vulnerability in the Palo Alto Networks GlobalProtect app on Windows devices enables a local user to execute programs with elevated privileges. Rated medium severity (CVSS 5.2), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Paloalto Microsoft Globalprotect
NVD
CVSS 4.0
5.2
EPSS
0.2%
CVE-2024-5908 MEDIUM This Month

A problem with the Palo Alto Networks GlobalProtect app can result in exposure of encrypted user credentials, used for connecting to GlobalProtect, in application logs. Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Paloalto Information Disclosure Globalprotect
NVD
CVSS 4.0
5.5
EPSS
0.4%
CVE-2024-3661 HIGH POC This Week

DHCP can add routes to a client’s routing table via the classless static route option (121). Rated high severity (CVSS 7.6), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Forticlient Anyconnect Vpn Client Secure Client Globalprotect +5
NVD
CVSS 3.1
7.6
EPSS
4.1%
CVE-2024-2432 HIGH This Week

A privilege escalation (PE) vulnerability in the Palo Alto Networks GlobalProtect app on Windows devices enables a local user to execute programs with elevated privileges. Rated high severity (CVSS 7.0). No vendor patch available.

Privilege Escalation Paloalto Microsoft Globalprotect
NVD
CVSS 3.1
7.0
EPSS
0.4%
CVE-2024-2431 MEDIUM This Month

An issue in the Palo Alto Networks GlobalProtect app enables a non-privileged user to disable the GlobalProtect app in configurations that allow a user to disable GlobalProtect with a passcode. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Paloalto Globalprotect
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2023-0009 HIGH This Week

A local privilege escalation (PE) vulnerability in the Palo Alto Networks GlobalProtect app on Windows enables a local user to execute programs with elevated privileges. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Paloalto Microsoft Globalprotect
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-0006 MEDIUM This Month

A local file deletion vulnerability in the Palo Alto Networks GlobalProtect app on Windows devices enables a user to delete system files from the endpoint with elevated privileges through a race. Rated medium severity (CVSS 6.3). No vendor patch available.

Information Disclosure Paloalto Microsoft Globalprotect
NVD
CVSS 3.1
6.3
EPSS
0.1%
CVE-2021-3057 HIGH This Week

A stack-based buffer overflow vulnerability exists in the Palo Alto Networks GlobalProtect app that enables a man-in-the-middle attacker to disrupt system processes and potentially execute arbitrary. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Buffer Overflow RCE Microsoft Paloalto Stack Overflow +1
NVD
CVSS 3.1
8.1
EPSS
1.4%
CVE-2021-3038 MEDIUM This Month

A denial-of-service (DoS) vulnerability in Palo Alto Networks GlobalProtect app on Windows systems allows a limited Windows user to send specifically-crafted input to the GlobalProtect app that. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Paloalto Information Disclosure Globalprotect
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2020-2033 MEDIUM This Month

When the pre-logon feature is enabled, a missing certification validation in Palo Alto Networks GlobalProtect app can disclose the pre-logon authentication cookie to a man-in-the-middle attacker on. Rated medium severity (CVSS 5.3), this vulnerability is no authentication required. No vendor patch available.

Paloalto Authentication Bypass Globalprotect
NVD
CVSS 3.1
5.3
EPSS
0.8%
CVE-2020-2032 HIGH This Week

A race condition vulnerability Palo Alto Networks GlobalProtect app on Windows allows a local limited Windows user to execute programs with SYSTEM privileges. Rated high severity (CVSS 7.0). No vendor patch available.

Paloalto Microsoft Information Disclosure Globalprotect
NVD
CVSS 3.1
7.0
EPSS
0.2%
CVE-2020-2004 MEDIUM This Month

Under certain circumstances a user's password may be logged in cleartext in the PanGPS.log diagnostic file when logs are collected for troubleshooting on GlobalProtect app (also known as. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Apple Paloalto Google Information Disclosure +1
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2020-1989 HIGH This Week

An incorrect privilege assignment vulnerability when writing application-specific files in the Palo Alto Networks Global Protect Agent for Linux on ARM platform allows a local authenticated user to. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Paloalto Information Disclosure Globalprotect
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2020-1988 MEDIUM This Month

An unquoted search path vulnerability in the Windows release of Global Protect Agent allows an authenticated local user with file creation privileges on the root of the OS disk (C:\) or to Program. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Paloalto Microsoft Information Disclosure Globalprotect
NVD
CVSS 3.1
6.7
EPSS
0.4%
CVE-2020-1987 LOW Monitor

An information exposure vulnerability in the logging component of Palo Alto Networks Global Protect Agent allows a local authenticated user to read VPN cookie information when the troubleshooting. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Paloalto Information Disclosure Globalprotect
NVD
CVSS 3.1
3.3
EPSS
0.3%
CVE-2020-1976 MEDIUM This Month

A denial-of-service (DoS) vulnerability in Palo Alto Networks GlobalProtect software running on Mac OS allows authenticated local users to cause the Mac OS kernel to hang or crash.0.5 and earlier. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Paloalto Globalprotect
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2019-17436 HIGH This Week

A Local Privilege Escalation vulnerability exists in GlobalProtect Agent for Linux and Mac OS X version 5.0.4 and earlier and version 4.1.12 and earlier, that can allow non-root users to overwrite. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

Paloalto Privilege Escalation Globalprotect
NVD
CVSS 3.1
7.1
EPSS
0.3%
CVE-2019-17435 MEDIUM This Month

A Local Privilege Escalation vulnerability exists in the GlobalProtect Agent for Windows 5.0.3 and earlier, and GlobalProtect Agent for Windows 4.1.12 and earlier, in which the auto-update feature. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Paloalto Privilege Escalation Microsoft Globalprotect
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2019-1573 LOW Monitor

GlobalProtect Agent 4.1.0 for Windows and GlobalProtect Agent 4.1.10 and earlier for macOS may allow a local authenticated attacker who has compromised the end-user account and gained the ability to. Rated low severity (CVSS 2.5). No vendor patch available.

Paloalto Microsoft Apple Information Disclosure Globalprotect
NVD
CVSS 3.1
2.5
EPSS
0.3%
CVE-2017-15870 MEDIUM This Month

Palo Alto Networks GlobalProtect Agent before 4.0.3 allows attackers with administration rights on the local station to gain SYSTEM privileges via vectors involving "image path execution hijacking.". Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Paloalto Information Disclosure Globalprotect
NVD
CVSS 3.0
6.7
EPSS
0.1%
CVE-2012-6606 MEDIUM This Month

Palo Alto Networks GlobalProtect before 1.1.7, and NetConnect, does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof portal servers and obtain. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Paloalto Globalprotect Netconnect
NVD
CVSS 2.0
5.8
EPSS
0.2%
EPSS 0% CVSS 8.8
HIGH PATCH This Week

CVE-2025-4232 is an improper neutralization of wildcards vulnerability in Palo Alto Networks GlobalProtect app for macOS that allows non-administrative users to escalate privileges to root through the log collection feature. With a CVSS score of 8.8 and requiring only low complexity remote network access with low privileges, this vulnerability presents a critical privilege escalation risk. The attack requires user interaction only at the network level (not UI) and affects the confidentiality, integrity, and availability of affected systems.

Paloalto Globalprotect macOS +1
NVD
EPSS 0% CVSS 5.2
MEDIUM This Month

An incorrect privilege assignment vulnerability in the Palo Alto Networks GlobalProtect™ App on macOS devices enables a locally authenticated non administrative user to disable the app. Rated medium severity (CVSS 5.2), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Apple Paloalto +7
NVD
EPSS 0% CVSS 7.1
HIGH This Week

A vulnerability with a privilege management mechanism in the Palo Alto Networks GlobalProtect™ app on Windows devices allows a locally authenticated non-administrative Windows user to escalate their. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Paloalto Privilege Escalation +2
NVD
EPSS 0% CVSS 6.0
MEDIUM This Month

A vulnerability in the Palo Alto Networks GlobalProtect app on Windows allows a remote attacker to run ActiveX controls within the context of an authenticated Windows user. Rated medium severity (CVSS 6.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Microsoft Information Disclosure Paloalto +2
NVD
EPSS 1% CVSS 7.1
HIGH POC This Week

An insufficient certification validation issue in the Palo Alto Networks GlobalProtect app enables attackers to connect the GlobalProtect app to arbitrary servers. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Paloalto Information Disclosure Globalprotect
NVD GitHub
EPSS 0% CVSS 5.2
MEDIUM This Month

A privilege escalation vulnerability in the Palo Alto Networks GlobalProtect app on Windows allows a locally authenticated non-administrative Windows user to escalate their privileges to NT. Rated medium severity (CVSS 5.2), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Paloalto Microsoft +1
NVD
EPSS 0% CVSS 6.9
MEDIUM This Month

An information exposure vulnerability exists in Palo Alto Networks PAN-OS software that enables a GlobalProtect end user to learn both the configured GlobalProtect uninstall password and the. Rated medium severity (CVSS 6.9), this vulnerability is low attack complexity. No vendor patch available.

Paloalto Information Disclosure Pan Os +2
NVD
EPSS 0% CVSS 5.2
MEDIUM This Month

A privilege escalation (PE) vulnerability in the Palo Alto Networks GlobalProtect app on Windows devices enables a local user to execute programs with elevated privileges. Rated medium severity (CVSS 5.2), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Paloalto Microsoft +1
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

A problem with the Palo Alto Networks GlobalProtect app can result in exposure of encrypted user credentials, used for connecting to GlobalProtect, in application logs. Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Paloalto Information Disclosure Globalprotect
NVD
EPSS 4% CVSS 7.6
HIGH POC This Week

DHCP can add routes to a client’s routing table via the classless static route option (121). Rated high severity (CVSS 7.6), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Forticlient Anyconnect Vpn Client +7
NVD
EPSS 0% CVSS 7.0
HIGH This Week

A privilege escalation (PE) vulnerability in the Palo Alto Networks GlobalProtect app on Windows devices enables a local user to execute programs with elevated privileges. Rated high severity (CVSS 7.0). No vendor patch available.

Privilege Escalation Paloalto Microsoft +1
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

An issue in the Palo Alto Networks GlobalProtect app enables a non-privileged user to disable the GlobalProtect app in configurations that allow a user to disable GlobalProtect with a passcode. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Paloalto Globalprotect
NVD
EPSS 0% CVSS 7.8
HIGH This Week

A local privilege escalation (PE) vulnerability in the Palo Alto Networks GlobalProtect app on Windows enables a local user to execute programs with elevated privileges. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Paloalto Microsoft +1
NVD
EPSS 0% CVSS 6.3
MEDIUM This Month

A local file deletion vulnerability in the Palo Alto Networks GlobalProtect app on Windows devices enables a user to delete system files from the endpoint with elevated privileges through a race. Rated medium severity (CVSS 6.3). No vendor patch available.

Information Disclosure Paloalto Microsoft +1
NVD
EPSS 1% CVSS 8.1
HIGH This Week

A stack-based buffer overflow vulnerability exists in the Palo Alto Networks GlobalProtect app that enables a man-in-the-middle attacker to disrupt system processes and potentially execute arbitrary. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Buffer Overflow RCE Microsoft +3
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

A denial-of-service (DoS) vulnerability in Palo Alto Networks GlobalProtect app on Windows systems allows a limited Windows user to send specifically-crafted input to the GlobalProtect app that. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Paloalto Information Disclosure +1
NVD
EPSS 1% CVSS 5.3
MEDIUM This Month

When the pre-logon feature is enabled, a missing certification validation in Palo Alto Networks GlobalProtect app can disclose the pre-logon authentication cookie to a man-in-the-middle attacker on. Rated medium severity (CVSS 5.3), this vulnerability is no authentication required. No vendor patch available.

Paloalto Authentication Bypass Globalprotect
NVD
EPSS 0% CVSS 7.0
HIGH This Week

A race condition vulnerability Palo Alto Networks GlobalProtect app on Windows allows a local limited Windows user to execute programs with SYSTEM privileges. Rated high severity (CVSS 7.0). No vendor patch available.

Paloalto Microsoft Information Disclosure +1
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

Under certain circumstances a user's password may be logged in cleartext in the PanGPS.log diagnostic file when logs are collected for troubleshooting on GlobalProtect app (also known as. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Apple Paloalto +3
NVD
EPSS 0% CVSS 7.8
HIGH This Week

An incorrect privilege assignment vulnerability when writing application-specific files in the Palo Alto Networks Global Protect Agent for Linux on ARM platform allows a local authenticated user to. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Paloalto Information Disclosure Globalprotect
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

An unquoted search path vulnerability in the Windows release of Global Protect Agent allows an authenticated local user with file creation privileges on the root of the OS disk (C:\) or to Program. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Paloalto Microsoft Information Disclosure +1
NVD
EPSS 0% CVSS 3.3
LOW Monitor

An information exposure vulnerability in the logging component of Palo Alto Networks Global Protect Agent allows a local authenticated user to read VPN cookie information when the troubleshooting. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Paloalto Information Disclosure Globalprotect
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

A denial-of-service (DoS) vulnerability in Palo Alto Networks GlobalProtect software running on Mac OS allows authenticated local users to cause the Mac OS kernel to hang or crash.0.5 and earlier. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Paloalto Globalprotect
NVD
EPSS 0% CVSS 7.1
HIGH This Week

A Local Privilege Escalation vulnerability exists in GlobalProtect Agent for Linux and Mac OS X version 5.0.4 and earlier and version 4.1.12 and earlier, that can allow non-root users to overwrite. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

Paloalto Privilege Escalation Globalprotect
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

A Local Privilege Escalation vulnerability exists in the GlobalProtect Agent for Windows 5.0.3 and earlier, and GlobalProtect Agent for Windows 4.1.12 and earlier, in which the auto-update feature. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Paloalto Privilege Escalation Microsoft +1
NVD
EPSS 0% CVSS 2.5
LOW Monitor

GlobalProtect Agent 4.1.0 for Windows and GlobalProtect Agent 4.1.10 and earlier for macOS may allow a local authenticated attacker who has compromised the end-user account and gained the ability to. Rated low severity (CVSS 2.5). No vendor patch available.

Paloalto Microsoft Apple +2
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

Palo Alto Networks GlobalProtect Agent before 4.0.3 allows attackers with administration rights on the local station to gain SYSTEM privileges via vectors involving "image path execution hijacking.". Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Paloalto Information Disclosure Globalprotect
NVD
EPSS 0% CVSS 5.8
MEDIUM This Month

Palo Alto Networks GlobalProtect before 1.1.7, and NetConnect, does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof portal servers and obtain. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Paloalto Globalprotect +1
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy