
CVE-2025-2183 – GlobalProtect App: Improper Certificate Validation Leads to Privilege Escalation
https://notcve.org/view.php?id=CVE-2025-2183
13 Aug 2025 — An insufficient certificate validation issue in the Palo Alto Networks GlobalProtect™ app enables attackers to connect the GlobalProtect app to arbitrary servers. This can enable a local non-administrative operating system user or an attacker on the same subnet to install malicious root certificates on the endpoint and subsequently install malicious software signed by the malicious root certificates on that endpoint. • https://security.paloaltonetworks.com/CVE-2025-2183 • CWE-295: Improper Certificate Validation •

CVE-2025-2179 – GlobalProtect App: Non Admin User Can Disable the GlobalProtect App
https://notcve.org/view.php?id=CVE-2025-2179
29 Jul 2025 — An incorrect privilege assignment vulnerability in the Palo Alto Networks GlobalProtect™ App on Linux devices enables a locally authenticated non administrative user to disable the app even if the GlobalProtect app configuration would not normally permit them to do so. The GlobalProtect app on Windows, macOS, iOS, Android, Chrome OS and GlobalProtect UWP app are not affected. • https://security.paloaltonetworks.com/CVE-2025-2179 • CWE-266: Incorrect Privilege Assignment •

CVE-2025-0141 – GlobalProtect App: Privilege Escalation (PE) Vulnerability
https://notcve.org/view.php?id=CVE-2025-0141
09 Jul 2025 — An incorrect privilege assignment vulnerability in the Palo Alto Networks GlobalProtect™ App enables a locally authenticated non administrative user to escalate their privileges to root on macOS and Linux or NT AUTHORITY\SYSTEM on Windows. The GlobalProtect app on iOS, Android, Chrome OS and GlobalProtect UWP app are not affected. • https://security.paloaltonetworks.com/CVE-2025-0141 • CWE-426: Untrusted Search Path •

CVE-2025-0140 – GlobalProtect App: Non Admin User Can Disable the GlobalProtect App
https://notcve.org/view.php?id=CVE-2025-0140
09 Jul 2025 — An incorrect privilege assignment vulnerability in the Palo Alto Networks GlobalProtect™ App on macOS and Linux devices enables a locally authenticated non administrative user to disable the app even if the GlobalProtect app configuration would not normally permit them to do so. The GlobalProtect app on Windows, iOS, Android, Chrome OS and GlobalProtect UWP app are not affected. • https://security.paloaltonetworks.com/CVE-2025-0140 • CWE-266: Incorrect Privilege Assignment •

CVE-2025-4227 – GlobalProtect App: Interception in Endpoint Traffic Policy Enforcement
https://notcve.org/view.php?id=CVE-2025-4227
13 Jun 2025 — An improper access control vulnerability in the Endpoint Traffic Policy Enforcement (https://docs.paloaltonetworks.com/globalprotect/6-0/globalprotect-app-new-features/new-features-released-in-gp-app/endpoint-traffic-policy-enforcement) feature of the Palo Alto Networks GlobalProtect™ app allows certain packets to remain unencrypted instead of being properly secured within the tunnel. An attacker with physical access to the network can inject rogue devices to intercept these packets. Under normal operating co... • https://security.paloaltonetworks.com/CVE-2025-4227 • CWE-319: Cleartext Transmission of Sensitive Information •

CVE-2025-4232 – GlobalProtect: Authenticated Code Injection Through Wildcard on macOS
https://notcve.org/view.php?id=CVE-2025-4232
12 Jun 2025 — An improper neutralization of wildcards vulnerability in the log collection feature of Palo Alto Networks GlobalProtect™ app on macOS allows a non administrative user to escalate their privileges to root. • https://security.paloaltonetworks.com/CVE-2025-4232 • CWE-155: Improper Neutralization of Wildcards or Matching Symbols •

CVE-2025-0135 – GlobalProtect App on macOS: Non Admin User Can Disable the GlobalProtect App
https://notcve.org/view.php?id=CVE-2025-0135
14 May 2025 — An incorrect privilege assignment vulnerability in the Palo Alto Networks GlobalProtect™ App on macOS devices enables a locally authenticated non administrative user to disable the app. The GlobalProtect app on Windows, Linux, iOS, Android, Chrome OS and GlobalProtect UWP app are not affected. • https://security.paloaltonetworks.com/CVE-2025-0135 • CWE-266: Incorrect Privilege Assignment •

CVE-2025-0120 – GlobalProtect App: Local Privilege Escalation (PE) Vulnerability
https://notcve.org/view.php?id=CVE-2025-0120
11 Apr 2025 — A vulnerability with a privilege management mechanism in the Palo Alto Networks GlobalProtect™ app on Windows devices allows a locally authenticated non-administrative Windows user to escalate their privileges to NT AUTHORITY\SYSTEM. However, execution requires that the local user can also successfully exploit a race condition, which makes this vulnerability difficult to exploit. • https://security.paloaltonetworks.com/CVE-2025-0120 • CWE-250: Execution with Unnecessary Privileges •

CVE-2025-0118 – GlobalProtect App: Execution of Unsafe ActiveX Control Vulnerability
https://notcve.org/view.php?id=CVE-2025-0118
12 Mar 2025 — A vulnerability in the Palo Alto Networks GlobalProtect app on Windows allows a remote attacker to run ActiveX controls within the context of an authenticated Windows user. This enables the attacker to run commands as if they are a legitimate authenticated user. However, to exploit this vulnerability, the authenticated user must navigate to a malicious page during the GlobalProtect SAML login process on a Windows device. This issue does not apply to the GlobalProtect app on other (non-Windows) platforms. • https://security.paloaltonetworks.com/CVE-2025-0118 • CWE-618: Exposed Unsafe ActiveX Method •

CVE-2025-0117 – GlobalProtect App: Local Privilege Escalation (PE) Vulnerability
https://notcve.org/view.php?id=CVE-2025-0117
12 Mar 2025 — A reliance on untrusted input for a security decision in the GlobalProtect app on Windows devices potentially enables a locally authenticated non-administrative Windows user to escalate their privileges to NT AUTHORITY\SYSTEM. GlobalProtect App on macOS, Linux, iOS, Android, Chrome OS and GlobalProtect UWP App are not affected. • https://security.paloaltonetworks.com/CVE-2025-0117 • CWE-807: Reliance on Untrusted Inputs in a Security Decision •