Paloaltonetworks Globalprotect
34 CVEs affecting Paloaltonetworks Globalprotect. Latest disclosed: 2025-06-13. Critical: 0, High: 16.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-4232 | High | 8.8 | 2025-06-13 | An improper neutralization of wildcards vulnerability in the log collection feature of Palo Alto Networks GlobalProtect™ app on macOS allows a non administrati… |
CVE-2024-5921 | High | 8.8 | 2024-11-27 | An insufficient certification validation issue in the Palo Alto Networks GlobalProtect app enables attackers to connect the GlobalProtect app to arbitrary serv… |
CVE-2021-3057 | High | 8.1 | 2021-10-13 | A stack-based buffer overflow vulnerability exists in the Palo Alto Networks GlobalProtect app that enables a man-in-the-middle attacker to disrupt system proc… |
CVE-2025-0118 | High | 8.0 | 2025-03-12 | A vulnerability in the Palo Alto Networks GlobalProtect app on Windows allows a remote attacker to run ActiveX controls within the context of an authenticated… |
CVE-2024-9473 | High | 7.8 | 2024-10-09 | A privilege escalation vulnerability in the Palo Alto Networks GlobalProtect app on Windows allows a locally authenticated non-administrative Windows user to e… |
CVE-2024-5915 | High | 7.8 | 2024-08-14 | A privilege escalation (PE) vulnerability in the Palo Alto Networks GlobalProtect app on Windows devices enables a local user to execute programs with elevated… |
CVE-2023-0009 | High | 7.8 | 2023-06-14 | A local privilege escalation (PE) vulnerability in the Palo Alto Networks GlobalProtect app on Windows enables a local user to execute programs with elevated p… |
CVE-2024-3661 | High | 7.6 | 2024-05-06 | DHCP can add routes to a client’s routing table via the classless static route option (121). VPN-based security solutions that rely on routes to redirect traff… |
CVE-2024-5908 | High | 7.5 | 2024-06-12 | A problem with the Palo Alto Networks GlobalProtect app can result in exposure of encrypted user credentials, used for connecting to GlobalProtect, in applicat… |
CVE-2022-0016 | High | 7.4 | 2022-02-10 | An improper handling of exceptional conditions vulnerability exists within the Connect Before Logon feature of the Palo Alto Networks GlobalProtect app that en… |
CVE-2024-8687 | High | 7.1 | 2024-09-11 | An information exposure vulnerability exists in Palo Alto Networks PAN-OS software that enables a GlobalProtect end user to learn both the configured GlobalPro… |
CVE-2019-17436 | High | 7.1 | 2019-10-16 | A Local Privilege Escalation vulnerability exists in GlobalProtect Agent for Linux and Mac OS X version 5.0.4 and earlier and version 4.1.12 and earlier, that… |
CVE-2025-0120 | High | 7.0 | 2025-04-11 | A vulnerability with a privilege management mechanism in the Palo Alto Networks GlobalProtect™ app on Windows devices allows a locally authenticated non-admini… |
CVE-2022-0017 | High | 7.0 | 2022-02-10 | An improper link resolution before file access ('link following') vulnerability exists in the Palo Alto Networks GlobalProtect app on Windows that enables a lo… |
CVE-2020-2032 | High | 7.0 | 2020-06-10 | A race condition vulnerability Palo Alto Networks GlobalProtect app on Windows allows a local limited Windows user to execute programs with SYSTEM privileges… |
CVE-2020-1989 | High | 7.0 | 2020-04-08 | An incorrect privilege assignment vulnerability when writing application-specific files in the Palo Alto Networks Global Protect Agent for Linux on ARM platfor… |
CVE-2020-2004 | Medium | 6.8 | 2020-05-13 | Under certain circumstances a user's password may be logged in cleartext in the PanGPS.log diagnostic file when logs are collected for troubleshooting on Globa… |
CVE-2017-15870 | Medium | 6.7 | 2017-12-11 | Palo Alto Networks GlobalProtect Agent before 4.0.3 allows attackers with administration rights on the local station to gain SYSTEM privileges via vectors invo… |
CVE-2023-0006 | Medium | 6.3 | 2023-04-12 | A local file deletion vulnerability in the Palo Alto Networks GlobalProtect app on Windows devices enables a user to delete system files from the endpoint with… |
CVE-2022-0018 | Medium | 6.1 | 2022-02-10 | An information exposure vulnerability exists in the Palo Alto Networks GlobalProtect app on Windows and MacOS where the credentials of the local user account a… |