CVE-2020-1976
GlobalProtect on MacOS: Local denial-of-service (DoS) vulnerability.
Severity Score
5.5
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
A denial-of-service (DoS) vulnerability in Palo Alto Networks GlobalProtect software running on Mac OS allows authenticated local users to cause the Mac OS kernel to hang or crash. This issue affects GlobalProtect 5.0.5 and earlier versions of GlobalProtect 5.0 on Mac OS.
Una vulnerabilidad de denegación de servicio (DoS) en el software GlobalProtect de Palo Alto Networks ejecutándose en Mac OS permite a usuarios locales autenticados causar la suspensión o bloqueo del kernel de Mac OS. Este problema afecta a GlobalProtect versión 5.0.5 y anteriores de GlobalProtect versión 5.0 en Mac OS.
*Credits:
This issue was discovered during a security test performed in collaboration with IOActive.
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2019-12-04 CVE Reserved
- 2020-02-12 CVE Published
- 2023-03-08 EPSS Updated
- 2024-09-17 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-20: Improper Input Validation
- CWE-642: External Control of Critical State Data
CAPEC
References (1)
URL | Tag | Source |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
https://security.paloaltonetworks.com/CVE-2020-1976 | 2020-05-04 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Paloaltonetworks Search vendor "Paloaltonetworks" | Globalprotect Search vendor "Paloaltonetworks" for product "Globalprotect" | >= 5.0 <= 5.0.5 Search vendor "Paloaltonetworks" for product "Globalprotect" and version " >= 5.0 <= 5.0.5" | macos |
Affected
|