CVE-2024-5921 – GlobalProtect App: Insufficient Certificate Validation Leads to Privilege Escalation
https://notcve.org/view.php?id=CVE-2024-5921
27 Nov 2024 — An insufficient certificate validation issue in the Palo Alto Networks GlobalProtect app enables attackers to connect the GlobalProtect app to arbitrary servers. This can enable a local non-administrative operating system user or an attacker on the same subnet to install malicious root certificates on the endpoint and subsequently install malicious software signed by the malicious root certificates on that endpoint. GlobalProtect App for Android is under evaluation. Please subscribe to our RSS feed https:... • https://blog.amberwolf.com/blog/2024/november/palo-alto-globalprotect---code-execution-and-privilege-escalation-via-malicious-vpn-server-cve-2024-5921 • CWE-295: Improper Certificate Validation •
CVE-2024-9473 – GlobalProtect App: Local Privilege Escalation (PE) Vulnerability
https://notcve.org/view.php?id=CVE-2024-9473
09 Oct 2024 — A privilege escalation vulnerability in the Palo Alto Networks GlobalProtect app on Windows allows a locally authenticated non-administrative Windows user to escalate their privileges to NT AUTHORITY/SYSTEM through the use of the repair functionality offered by the .msi file used to install GlobalProtect. Palo Alto Networks GlobalProtect versions 5.1.x, 5.2.x, 6.0.x, 6.1.x, 6.3.x and versions less than 6.2.5 suffer from a local privilege escalation vulnerability. • https://packetstorm.news/files/id/182142 • CWE-250: Execution with Unnecessary Privileges •
CVE-2024-8687 – PAN-OS: Cleartext Exposure of GlobalProtect Portal Passcodes
https://notcve.org/view.php?id=CVE-2024-8687
11 Sep 2024 — An information exposure vulnerability exists in Palo Alto Networks PAN-OS software that enables a GlobalProtect end user to learn both the configured GlobalProtect uninstall password and the configured disable or disconnect passcode. After the password or passcode is known, end users can uninstall, disable, or disconnect GlobalProtect even if the GlobalProtect app configuration would not normally permit them to do so. • https://security.paloaltonetworks.com/CVE-2024-8687 • CWE-497: Exposure of Sensitive System Information to an Unauthorized Control Sphere •
CVE-2024-5915 – GlobalProtect App: Local Privilege Escalation (PE) Vulnerability
https://notcve.org/view.php?id=CVE-2024-5915
14 Aug 2024 — A privilege escalation (PE) vulnerability in the Palo Alto Networks GlobalProtect app on Windows devices enables a local user to execute programs with elevated privileges. • https://security.paloaltonetworks.com/CVE-2024-5915 • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVE-2024-5908 – GlobalProtect App: Encrypted Credential Exposure via Log Files
https://notcve.org/view.php?id=CVE-2024-5908
12 Jun 2024 — A problem with the Palo Alto Networks GlobalProtect app can result in exposure of encrypted user credentials, used for connecting to GlobalProtect, in application logs. Normally, these application logs are only viewable by local users and are included when generating logs for troubleshooting purposes. This means that these encrypted credentials are exposed to recipients of the application logs. • https://security.paloaltonetworks.com/CVE-2024-5908 • CWE-532: Insertion of Sensitive Information into Log File •
CVE-2024-2432 – GlobalProtect App: Local Privilege Escalation (PE) Vulnerability
https://notcve.org/view.php?id=CVE-2024-2432
13 Mar 2024 — A privilege escalation (PE) vulnerability in the Palo Alto Networks GlobalProtect app on Windows devices enables a local user to execute programs with elevated privileges. However, execution requires that the local user is able to successfully exploit a race condition. • https://github.com/Hagrid29/CVE-2024-2432-PaloAlto-GlobalProtect-EoP • CWE-269: Improper Privilege Management •
CVE-2024-2431 – GlobalProtect App: Local User Can Disable GlobalProtect
https://notcve.org/view.php?id=CVE-2024-2431
13 Mar 2024 — An issue in the Palo Alto Networks GlobalProtect app enables a non-privileged user to disable the GlobalProtect app in configurations that allow a user to disable GlobalProtect with a passcode. • https://security.paloaltonetworks.com/CVE-2024-2431 • CWE-269: Improper Privilege Management •