Paloaltonetworks Globalprotect

34 CVEs affecting Paloaltonetworks Globalprotect. Latest disclosed: 2025-06-13. Critical: 0, High: 16.

Top CVEs affecting Paloaltonetworks Globalprotect
CVESeverityScorePublishedSummary
CVE-2025-4232High8.82025-06-13An improper neutralization of wildcards vulnerability in the log collection feature of Palo Alto Networks GlobalProtect™ app on macOS allows a non administrati…
CVE-2024-5921High8.82024-11-27An insufficient certification validation issue in the Palo Alto Networks GlobalProtect app enables attackers to connect the GlobalProtect app to arbitrary serv…
CVE-2021-3057High8.12021-10-13A stack-based buffer overflow vulnerability exists in the Palo Alto Networks GlobalProtect app that enables a man-in-the-middle attacker to disrupt system proc…
CVE-2025-0118High8.02025-03-12A vulnerability in the Palo Alto Networks GlobalProtect app on Windows allows a remote attacker to run ActiveX controls within the context of an authenticated…
CVE-2024-9473High7.82024-10-09A privilege escalation vulnerability in the Palo Alto Networks GlobalProtect app on Windows allows a locally authenticated non-administrative Windows user to e…
CVE-2024-5915High7.82024-08-14A privilege escalation (PE) vulnerability in the Palo Alto Networks GlobalProtect app on Windows devices enables a local user to execute programs with elevated…
CVE-2023-0009High7.82023-06-14A local privilege escalation (PE) vulnerability in the Palo Alto Networks GlobalProtect app on Windows enables a local user to execute programs with elevated p…
CVE-2024-3661High7.62024-05-06DHCP can add routes to a client’s routing table via the classless static route option (121). VPN-based security solutions that rely on routes to redirect traff…
CVE-2024-5908High7.52024-06-12A problem with the Palo Alto Networks GlobalProtect app can result in exposure of encrypted user credentials, used for connecting to GlobalProtect, in applicat…
CVE-2022-0016High7.42022-02-10An improper handling of exceptional conditions vulnerability exists within the Connect Before Logon feature of the Palo Alto Networks GlobalProtect app that en…
CVE-2024-8687High7.12024-09-11An information exposure vulnerability exists in Palo Alto Networks PAN-OS software that enables a GlobalProtect end user to learn both the configured GlobalPro…
CVE-2019-17436High7.12019-10-16A Local Privilege Escalation vulnerability exists in GlobalProtect Agent for Linux and Mac OS X version 5.0.4 and earlier and version 4.1.12 and earlier, that…
CVE-2025-0120High7.02025-04-11A vulnerability with a privilege management mechanism in the Palo Alto Networks GlobalProtect™ app on Windows devices allows a locally authenticated non-admini…
CVE-2022-0017High7.02022-02-10An improper link resolution before file access ('link following') vulnerability exists in the Palo Alto Networks GlobalProtect app on Windows that enables a lo…
CVE-2020-2032High7.02020-06-10A race condition vulnerability Palo Alto Networks GlobalProtect app on Windows allows a local limited Windows user to execute programs with SYSTEM privileges…
CVE-2020-1989High7.02020-04-08An incorrect privilege assignment vulnerability when writing application-specific files in the Palo Alto Networks Global Protect Agent for Linux on ARM platfor…
CVE-2020-2004Medium6.82020-05-13Under certain circumstances a user's password may be logged in cleartext in the PanGPS.log diagnostic file when logs are collected for troubleshooting on Globa…
CVE-2017-15870Medium6.72017-12-11Palo Alto Networks GlobalProtect Agent before 4.0.3 allows attackers with administration rights on the local station to gain SYSTEM privileges via vectors invo…
CVE-2023-0006Medium6.32023-04-12A local file deletion vulnerability in the Palo Alto Networks GlobalProtect app on Windows devices enables a user to delete system files from the endpoint with…
CVE-2022-0018Medium6.12022-02-10An information exposure vulnerability exists in the Palo Alto Networks GlobalProtect app on Windows and MacOS where the credentials of the local user account a…