CVE-2025-2183 | THREATINT

Description

An insufficient certificate validation issue in the Palo Alto Networks GlobalProtect™ app enables attackers to connect the GlobalProtect app to arbitrary servers. This can enable a local non-administrative operating system user or an attacker on the same subnet to install malicious root certificates on the endpoint and subsequently install malicious software signed by the malicious root certificates on that endpoint.

PUBLISHED Reserved 2025-03-10 | Published 2025-08-13 | Updated 2025-08-16 | Assigner palo_alto

MEDIUM: 5.3CVSS:4.0/AV:P/AC:L/AT:P/PR:N/UI:P/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/AU:N/R:U/V:D/U:Amber

Problem types

CWE-295 Improper Certificate Validation

Product status

Default status

unaffected

6.3.0 before 6.3.3-h2 (6.3.3-c676)

affected

6.2.0 before 6.2.8-h3 (6.2.8-c263)

affected

6.1.0

affected

6.0.0

affected

Default status

unaffected

6.3.0 before 6.3.3

affected

6.2.0 before 11.1.10

affected

6.1.0

affected

6.0.0

affected

Default status

unaffected

All

unaffected

Default status

unaffected

All

unaffected

Timeline

2025-08-13:

Initial Publication

Credits

Nikola Markovic of Palo Alto Networks finder

Maxime Escorbiac of Michelin CERT finder

References

security.paloaltonetworks.com/CVE-2025-2183 vendor-advisory

cve.org (CVE-2025-2183)

nvd.nist.gov (CVE-2025-2183)

Download JSON