Privilege escalation in Opswat Metadefender Endpoint Security Sdk

CVE-2025-0131

An incorrect privilege management vulnerability in the OPSWAT MetaDefender Endpoint Security SDK used by the Palo Alto Networks GlobalProtect™ app on Windows devices allows a locally authenticated non-administrative Windows user to escalat…

EPSS: 0.001 (3.1th percentile) — read the EPSS interpretation.

Affected products

Weakness classification (CWE)

References