1 results (0.003 seconds)
CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0
CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0CVE-2025-0131 – GlobalProtect App: Incorrect Privilege Management Vulnerability in OPSWAT MetaDefender Endpoint Security SDK
https://notcve.org/view.php?id=CVE-2025-0131
14 May 2025 — An incorrect privilege management vulnerability in the OPSWAT MetaDefender Endpoint Security SDK used by the Palo Alto Networks GlobalProtectâ„¢ app on Windows devices allows a locally authenticated non-administrative Windows user to escalate their privileges to NT AUTHORITY\SYSTEM. However, execution requires that the local user also successfully exploits a race condition, which makes this vulnerability difficult to exploit. • https://security.paloaltonetworks.com/CVE-2025-0131 • CWE-266: Incorrect Privilege Assignment •