CVE-2025-0141 | THREATINT

Description

An incorrect privilege assignment vulnerability in the Palo Alto Networks GlobalProtect™ App on enables a locally authenticated non administrative user to escalate their privileges to root on macOS and Linux or NT AUTHORITY\SYSTEM on Windows. The GlobalProtect app on iOS, Android, Chrome OS and GlobalProtect UWP app are not affected.

PUBLISHED Reserved 2024-12-20 | Published 2025-07-09 | Updated 2026-02-26 | Assigner palo_alto

HIGH: 8.4CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:H/SI:H/SA:H/AU:N/R:U/V:D/RE:M/U:Amber

Problem types

CWE-426 Untrusted Search Path

Product status

Default status

unaffected

6.3.0 (custom) before 6.3.3-h1 (6.3.3-c650)

affected

6.2.0 (custom) before 6.2.8-h2 (6.2.8-c243)

affected

6.1.0 (custom)

affected

6.0.0 (custom)

affected

Default status

unaffected

All (custom)

unaffected

Default status

unaffected

All (custom)

unaffected

Default status

unaffected

6.2.0 (custom) before 6.2.8

affected

6.1.0 (custom)

affected

6.0.0 (custom)

affected

Timeline

2025-07-09:

Initial Publication

Credits

Alex Bourla finder

Graham Brereton (graham.brereton@form3.tech) finder

References

security.paloaltonetworks.com/CVE-2025-0141 vendor-advisory

cve.org (CVE-2025-0141)

nvd.nist.gov (CVE-2025-0141)

Download JSON