CVSS: 4.9 • EPSS: 0% • CPEs: 3 • EXPL: 0 • CVE-2026-0249 – GlobalProtect App: Certificate Validation Bypass Vulnerabilities
https://notcve.org/view.php?id=CVE-2026-0249
13 May 2026 — Multiple improper certificate validation vulnerabilities in the Palo Alto Networks GlobalProtect™ app enable an attacker to intercept encrypted communications and potentially compromise the endpoint. This can enable a local non-administrative operating system user or an attacker on the same subnet to redirect traffic to an unauthorized server and facilitate the installation of malicious software. The GlobalProtect app on Linux, Windows, iOS and GlobalProtect UWP app are not affected. • https://security.paloaltonetworks.com/CVE-2026-0249 • CWE-295: Improper Certificate Validation •
CVSS: 5.2 • EPSS: 0% • CPEs: 4 • EXPL: 0 • CVE-2026-0250 – GlobalProtect App: Buffer Overflow Vulnerability during connection to Portal or Gateway
https://notcve.org/view.php?id=CVE-2026-0250
13 May 2026 — A buffer overflow vulnerability exists in the Palo Alto Networks GlobalProtect™ app that enables a man-in-the-middle attacker to disrupt system processes and potentially execute arbitrary code with SYSTEM privileges. This vulnerability is triggered during the processing of requests and responses exchanged between Portal and Gateway. The GlobalProtect app on iOS is not affected. • https://security.paloaltonetworks.com/CVE-2026-0250 • CWE-787: Out-of-bounds Write •
CVSS: 5.9 • EPSS: 0% • CPEs: 3 • EXPL: 0 • CVE-2026-0251 – GlobalProtect App: Local Privilege Escalation Vulnerabilities
https://notcve.org/view.php?id=CVE-2026-0251
13 May 2026 — Multiple local privilege escalation vulnerabilities in the Palo Alto Networks GlobalProtect™ app allow a local user to escalate their privileges to NT AUTHORITY\SYSTEM on Windows and root on macOS and Linux. This enables a non-administrative user to execute arbitrary commands with administrative privileges. The GlobalProtect app on iOS, Android, Chrome OS and GlobalProtect UWP app are not affected. • https://security.paloaltonetworks.com/CVE-2026-0251 • CWE-426: Untrusted Search Path •
CVSS: 9.0 • EPSS: 1% • CPEs: 3 • EXPL: 0 • CVE-2025-0118 – GlobalProtect App: Execution of Unsafe ActiveX Control Vulnerability
https://notcve.org/view.php?id=CVE-2025-0118
12 Mar 2025 — A vulnerability in the Palo Alto Networks GlobalProtect app on Windows allows a remote attacker to run ActiveX controls within the context of an authenticated Windows user. This enables the attacker to run commands as if they are a legitimate authenticated user. However, to exploit this vulnerability, the authenticated user must navigate to a malicious page during the GlobalProtect SAML login process on a Windows device. This issue does not apply to the GlobalProtect app on other (non-Windows) platforms. • https://security.paloaltonetworks.com/CVE-2025-0118 • CWE-618: Exposed Unsafe ActiveX Method •
CVSS: 7.8 • EPSS: 0% • CPEs: 5 • EXPL: 2 • CVE-2024-9473 – GlobalProtect App: Local Privilege Escalation (PE) Vulnerability
https://notcve.org/view.php?id=CVE-2024-9473
09 Oct 2024 — A privilege escalation vulnerability in the Palo Alto Networks GlobalProtect app on Windows allows a locally authenticated non-administrative Windows user to escalate their privileges to NT AUTHORITY/SYSTEM through the use of the repair functionality offered by the .msi file used to install GlobalProtect. Palo Alto Networks GlobalProtect versions 5.1.x, 5.2.x, 6.0.x, 6.1.x, 6.3.x and versions less than 6.2.5 suffer from a local privilege escalation vulnerability. • https://packetstorm.news/files/id/182142 • CWE-250: Execution with Unnecessary Privileges •
CVSS: 7.5 • EPSS: 0% • CPEs: 12 • EXPL: 0 • CVE-2024-8687 – PAN-OS: Cleartext Exposure of GlobalProtect Portal Passcodes
https://notcve.org/view.php?id=CVE-2024-8687
11 Sep 2024 — An information exposure vulnerability exists in Palo Alto Networks PAN-OS software that enables a GlobalProtect end user to learn both the configured GlobalProtect uninstall password and the configured disable or disconnect passcode. After the password or passcode is known, end users can uninstall, disable, or disconnect GlobalProtect even if the GlobalProtect app configuration would not normally permit them to do so. • https://security.paloaltonetworks.com/CVE-2024-8687 • CWE-497: Exposure of Sensitive System Information to an Unauthorized Control Sphere •
CVSS: 7.8 • EPSS: 0% • CPEs: 5 • EXPL: 0 • CVE-2024-5915 – GlobalProtect App: Local Privilege Escalation (PE) Vulnerability
https://notcve.org/view.php?id=CVE-2024-5915
14 Aug 2024 — A privilege escalation (PE) vulnerability in the Palo Alto Networks GlobalProtect app on Windows devices enables a local user to execute programs with elevated privileges. • https://security.paloaltonetworks.com/CVE-2024-5915 • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 7.8 • EPSS: 0% • CPEs: 4 • EXPL: 0 • CVE-2024-5908 – GlobalProtect App: Encrypted Credential Exposure via Log Files
https://notcve.org/view.php?id=CVE-2024-5908
12 Jun 2024 — A problem with the Palo Alto Networks GlobalProtect app can result in exposure of encrypted user credentials, used for connecting to GlobalProtect, in application logs. Normally, these application logs are only viewable by local users and are included when generating logs for troubleshooting purposes. This means that these encrypted credentials are exposed to recipients of the application logs. • https://security.paloaltonetworks.com/CVE-2024-5908 • CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 7.2 • EPSS: 0% • CPEs: 4 • EXPL: 1 • CVE-2024-2432 – GlobalProtect App: Local Privilege Escalation (PE) Vulnerability
https://notcve.org/view.php?id=CVE-2024-2432
13 Mar 2024 — A privilege escalation (PE) vulnerability in the Palo Alto Networks GlobalProtect app on Windows devices enables a local user to execute programs with elevated privileges. However, execution requires that the local user is able to successfully exploit a race condition. • https://github.com/Hagrid29/CVE-2024-2432-PaloAlto-GlobalProtect-EoP • CWE-269: Improper Privilege Management •
CVSS: 5.5 • EPSS: 0% • CPEs: 4 • EXPL: 0 • CVE-2024-2431 – GlobalProtect App: Local User Can Disable GlobalProtect
https://notcve.org/view.php?id=CVE-2024-2431
13 Mar 2024 — An issue in the Palo Alto Networks GlobalProtect app enables a non-privileged user to disable the GlobalProtect app in configurations that allow a user to disable GlobalProtect with a passcode. • https://security.paloaltonetworks.com/CVE-2024-2431 • CWE-269: Improper Privilege Management •
