CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2023-0009 – GlobalProtect App: Local Privilege Escalation (PE) Vulnerability
https://notcve.org/view.php?id=CVE-2023-0009
14 Jun 2023 — A local privilege escalation (PE) vulnerability in the Palo Alto Networks GlobalProtect app on Windows enables a local user to execute programs with elevated privileges. • https://security.paloaltonetworks.com/CVE-2023-0009 • CWE-807: Reliance on Untrusted Inputs in a Security Decision •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2022-0019 – GlobalProtect App: Insufficiently Protected Credentials Vulnerability on Linux
https://notcve.org/view.php?id=CVE-2022-0019
10 Feb 2022 — An insufficiently protected credentials vulnerability exists in the Palo Alto Networks GlobalProtect app on Linux that exposes the hashed credentials of GlobalProtect users that saved their password during previous GlobalProtect app sessions to other local users on the system. The exposed credentials enable a local attacker to authenticate to the GlobalProtect portal or gateway as the target user without knowing of the target user’s plaintext password. This issue impacts: GlobalProtect app 5.1 versions earl... • https://security.paloaltonetworks.com/CVE-2022-0019 • CWE-522: Insufficiently Protected Credentials •
CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 0CVE-2022-0018 – GlobalProtect App: Information Exposure Vulnerability When Connecting to GlobalProtect Portal With Single Sign-On Enabled
https://notcve.org/view.php?id=CVE-2022-0018
10 Feb 2022 — An information exposure vulnerability exists in the Palo Alto Networks GlobalProtect app on Windows and MacOS where the credentials of the local user account are sent to the GlobalProtect portal when the Single Sign-On feature is enabled in the GlobalProtect portal configuration. This product behavior is intentional and poses no security risk when connecting to trusted GlobalProtect portals configured to use the same Single Sign-On credentials both for the local user account as well as the GlobalProtect log... • https://security.paloaltonetworks.com/CVE-2022-0018 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-201: Insertion of Sensitive Information Into Sent Data •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2022-0017 – GlobalProtect App: Improper Link Resolution Vulnerability Leads to Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2022-0017
10 Feb 2022 — An improper link resolution before file access ('link following') vulnerability exists in the Palo Alto Networks GlobalProtect app on Windows that enables a local attacker to disrupt system processes and potentially execute arbitrary code with SYSTEM privileges under certain circumstances. This issue impacts: GlobalProtect app 5.1 versions earlier than GlobalProtect app 5.1.10 on Windows. GlobalProtect app 5.2 versions earlier than GlobalProtect app 5.2.5 on Windows. This issue does not affect GlobalProtect... • https://security.paloaltonetworks.com/CVE-2022-0017 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 9.3EPSS: 0%CPEs: 13EXPL: 0CVE-2021-3057 – GlobalProtect App: Buffer Overflow Vulnerability When Connecting to Portal or Gateway
https://notcve.org/view.php?id=CVE-2021-3057
13 Oct 2021 — A stack-based buffer overflow vulnerability exists in the Palo Alto Networks GlobalProtect app that enables a man-in-the-middle attacker to disrupt system processes and potentially execute arbitrary code with SYSTEM privileges. This issue impacts: GlobalProtect app 5.1 versions earlier than GlobalProtect app 5.1.9 on Windows; GlobalProtect app 5.2 versions earlier than GlobalProtect app 5.2.8 on Windows; GlobalProtect app 5.2 versions earlier than GlobalProtect app 5.2.8 on the Universal Windows Platform; G... • https://security.paloaltonetworks.com/CVE-2021-3057 • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2021-3038 – GlobalProtect App: Windows VPN kernel driver denial of service (DoS)
https://notcve.org/view.php?id=CVE-2021-3038
20 Apr 2021 — A denial-of-service (DoS) vulnerability in Palo Alto Networks GlobalProtect app on Windows systems allows a limited Windows user to send specifically-crafted input to the GlobalProtect app that results in a Windows blue screen of death (BSOD) error. This issue impacts: GlobalProtect app 5.1 versions earlier than GlobalProtect app 5.1.8; GlobalProtect app 5.2 versions earlier than GlobalProtect app 5.2.4. Una vulnerabilidad de denegación de servicio (DoS) en la aplicación Palo Alto Networks GlobalProtect en ... • https://security.paloaltonetworks.com/CVE-2021-3038 • CWE-20: Improper Input Validation CWE-248: Uncaught Exception •
CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 0CVE-2020-2033 – GlobalProtect App: Missing certificate validation vulnerability can disclose pre-logon authentication cookie
https://notcve.org/view.php?id=CVE-2020-2033
10 Jun 2020 — When the pre-logon feature is enabled, a missing certification validation in Palo Alto Networks GlobalProtect app can disclose the pre-logon authentication cookie to a man-in-the-middle attacker on the same local area network segment with the ability to manipulate ARP or to conduct ARP spoofing attacks. This allows the attacker to access the GlobalProtect Server as allowed by configured Security rules for the 'pre-login' user. This access may be limited compared to the network access of regular users. This ... • https://security.paloaltonetworks.com/CVE-2020-2033 • CWE-290: Authentication Bypass by Spoofing CWE-295: Improper Certificate Validation •
CVSS: 7.0EPSS: 0%CPEs: 2EXPL: 0CVE-2020-2032 – GlobalProtect App: File race condition vulnerability leads to local privilege escalation during upgrade
https://notcve.org/view.php?id=CVE-2020-2032
10 Jun 2020 — A race condition vulnerability Palo Alto Networks GlobalProtect app on Windows allows a local limited Windows user to execute programs with SYSTEM privileges. This issue can be exploited only while performing a GlobalProtect app upgrade. This issue affects: GlobalProtect app 5.0 versions earlier than GlobalProtect app 5.0.10 on Windows; GlobalProtect app 5.1 versions earlier than GlobalProtect app 5.1.4 on Windows. Una vulnerabilidad de condición de carrera en la aplicación GlobalProtect de Palo Alto Networ... • https://security.paloaltonetworks.com/CVE-2020-2032 • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVSS: 6.8EPSS: 0%CPEs: 4EXPL: 0CVE-2020-2004 – GlobalProtect App: Passwords may be logged in clear text while collecting troubleshooting logs
https://notcve.org/view.php?id=CVE-2020-2004
13 May 2020 — Under certain circumstances a user's password may be logged in cleartext in the PanGPS.log diagnostic file when logs are collected for troubleshooting on GlobalProtect app (also known as GlobalProtect Agent) for MacOS and Windows. For this issue to occur all of these conditions must be true: (1) 'Save User Credential' option should be set to 'Yes' in the GlobalProtect Portal's Agent configuration, (2) the GlobalProtect user manually selects a gateway, (3) and the logging level is set to 'Dump' while collect... • https://security.paloaltonetworks.com/CVE-2020-2004 • CWE-532: Insertion of Sensitive Information into Log File CWE-534: DEPRECATED: Information Exposure Through Debug Log Files •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2020-1989 – Global Protect Agent: Incorrect privilege assignment allows local privilege escalation
https://notcve.org/view.php?id=CVE-2020-1989
08 Apr 2020 — An incorrect privilege assignment vulnerability when writing application-specific files in the Palo Alto Networks Global Protect Agent for Linux on ARM platform allows a local authenticated user to gain root privileges on the system. This issue affects Palo Alto Networks Global Protect Agent for Linux 5.0 versions before 5.0.8; 5.1 versions before 5.1.1. Una vulnerabilidad de asignación de privilegios incorrecta cuando se escriben archivos específicos de la aplicación en el Global Protect Agent de Palo Alto... • https://security.paloaltonetworks.com/CVE-2020-1989 • CWE-266: Incorrect Privilege Assignment CWE-269: Improper Privilege Management •