Vulnerability in Palo Alto Networks Globalprotect App
CVE-2025-0117
A reliance on untrusted input for a security decision in the GlobalProtect app on Windows devices potentially enables a locally authenticated non-administrative Windows user to escalate their privileges to NT AUTHORITY\SYSTEM. GlobalProte…
EPSS: 0.002 (4.6th percentile) — read the EPSS interpretation.
Affected products
- Palo Alto Networks Globalprotect App — versions 6.3.0, 6.2.0, 6.1.0
- Palo Alto Networks Globalprotect Uwp App — versions All
Weakness classification (CWE)
References
- psirt@paloaltonetworks.com (vendor-advisory)