Vulnerability in Palo Alto Networks Globalprotect App

CVE-2025-2183

An insufficient certificate validation issue in the Palo Alto Networks GlobalProtect™ app enables attackers to connect the GlobalProtect app to arbitrary servers. This can enable a local non-administrative operating system user or an attac…

Vulnerability class: Improper Certificate Validation

EPSS: 0.001 (1.5th percentile) — read the EPSS interpretation.

Affected products

Weakness classification (CWE)

References