// For flags

CVE-2021-3057

GlobalProtect App: Buffer Overflow Vulnerability When Connecting to Portal or Gateway

Severity Score

8.1
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

A stack-based buffer overflow vulnerability exists in the Palo Alto Networks GlobalProtect app that enables a man-in-the-middle attacker to disrupt system processes and potentially execute arbitrary code with SYSTEM privileges. This issue impacts: GlobalProtect app 5.1 versions earlier than GlobalProtect app 5.1.9 on Windows; GlobalProtect app 5.2 versions earlier than GlobalProtect app 5.2.8 on Windows; GlobalProtect app 5.2 versions earlier than GlobalProtect app 5.2.8 on the Universal Windows Platform; GlobalProtect app 5.3 versions earlier than GlobalProtect app 5.3.1 on Linux.

Se presenta una vulnerabilidad de desbordamiento del búfer en la región stack de la memoria en Palo Alto Networks GlobalProtect app que permite a un atacante que actúa como intermediario interrumpir los procesos del sistema y ejecutar potencialmente código arbitrario con privilegios SYSTEM. Este problema afecta: GlobalProtect app 5.1 versiones anteriores a GlobalProtect app 5.1.9 en Windows; GlobalProtect app 5.2 versiones anteriores a GlobalProtect app 5.2.8 en Windows; GlobalProtect app 5.2 versiones anteriores a GlobalProtect app 5.2.8 en la Plataforma Universal Windows; GlobalProtect app 5.3 versiones anteriores a GlobalProtect app 5.3.1 en Linux

*Credits: Palo Alto Networks thanks Tomas Rzepka of F-Secure for discovering and reporting this issue.
CVSS Scores
Attack Vector
Network
Attack Complexity
High
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
Attack Vector
Network
Attack Complexity
Medium
Authentication
None
Confidentiality
Complete
Integrity
Complete
Availability
Complete
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2021-01-06 CVE Reserved
  • 2021-10-13 CVE Published
  • 2024-06-28 EPSS Updated
  • 2024-09-17 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-121: Stack-based Buffer Overflow
  • CWE-787: Out-of-bounds Write
CAPEC
References (1)
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Paloaltonetworks
Search vendor "Paloaltonetworks"
Globalprotect
Search vendor "Paloaltonetworks" for product "Globalprotect"
>= 5.0 <= 5.0.8
Search vendor "Paloaltonetworks" for product "Globalprotect" and version " >= 5.0 <= 5.0.8"
linux
Affected
Paloaltonetworks
Search vendor "Paloaltonetworks"
Globalprotect
Search vendor "Paloaltonetworks" for product "Globalprotect"
>= 5.0 <= 5.0.9
Search vendor "Paloaltonetworks" for product "Globalprotect" and version " >= 5.0 <= 5.0.9"
macos
Affected
Paloaltonetworks
Search vendor "Paloaltonetworks"
Globalprotect
Search vendor "Paloaltonetworks" for product "Globalprotect"
>= 5.0 <= 5.0.10
Search vendor "Paloaltonetworks" for product "Globalprotect" and version " >= 5.0 <= 5.0.10"
windows
Affected
Paloaltonetworks
Search vendor "Paloaltonetworks"
Globalprotect
Search vendor "Paloaltonetworks" for product "Globalprotect"
>= 5.1 <= 5.1.1
Search vendor "Paloaltonetworks" for product "Globalprotect" and version " >= 5.1 <= 5.1.1"
linux
Affected
Paloaltonetworks
Search vendor "Paloaltonetworks"
Globalprotect
Search vendor "Paloaltonetworks" for product "Globalprotect"
>= 5.1 <= 5.1.1
Search vendor "Paloaltonetworks" for product "Globalprotect" and version " >= 5.1 <= 5.1.1"
universal_windows_platform
Affected
Paloaltonetworks
Search vendor "Paloaltonetworks"
Globalprotect
Search vendor "Paloaltonetworks" for product "Globalprotect"
>= 5.1 < 5.1.9
Search vendor "Paloaltonetworks" for product "Globalprotect" and version " >= 5.1 < 5.1.9"
windows
Affected
Paloaltonetworks
Search vendor "Paloaltonetworks"
Globalprotect
Search vendor "Paloaltonetworks" for product "Globalprotect"
>= 5.1.0 <= 5.1.4
Search vendor "Paloaltonetworks" for product "Globalprotect" and version " >= 5.1.0 <= 5.1.4"
macos
Affected
Paloaltonetworks
Search vendor "Paloaltonetworks"
Globalprotect
Search vendor "Paloaltonetworks" for product "Globalprotect"
>= 5.2 < 5.2.8
Search vendor "Paloaltonetworks" for product "Globalprotect" and version " >= 5.2 < 5.2.8"
linux
Affected
Paloaltonetworks
Search vendor "Paloaltonetworks"
Globalprotect
Search vendor "Paloaltonetworks" for product "Globalprotect"
>= 5.2 < 5.2.8
Search vendor "Paloaltonetworks" for product "Globalprotect" and version " >= 5.2 < 5.2.8"
macos
Affected
Paloaltonetworks
Search vendor "Paloaltonetworks"
Globalprotect
Search vendor "Paloaltonetworks" for product "Globalprotect"
>= 5.2 < 5.2.8
Search vendor "Paloaltonetworks" for product "Globalprotect" and version " >= 5.2 < 5.2.8"
universal_windows_platform
Affected
Paloaltonetworks
Search vendor "Paloaltonetworks"
Globalprotect
Search vendor "Paloaltonetworks" for product "Globalprotect"
>= 5.2 < 5.2.8
Search vendor "Paloaltonetworks" for product "Globalprotect" and version " >= 5.2 < 5.2.8"
windows
Affected
Paloaltonetworks
Search vendor "Paloaltonetworks"
Globalprotect
Search vendor "Paloaltonetworks" for product "Globalprotect"
>= 5.3 < 5.3.1
Search vendor "Paloaltonetworks" for product "Globalprotect" and version " >= 5.3 < 5.3.1"
linux
Affected
Paloaltonetworks
Search vendor "Paloaltonetworks"
Globalprotect
Search vendor "Paloaltonetworks" for product "Globalprotect"
5.0
Search vendor "Paloaltonetworks" for product "Globalprotect" and version "5.0"
universal_windows_platform
Affected