First published: Mon Dec 11 2017(Updated: )
Palo Alto Networks GlobalProtect Agent before 4.0.3 allows attackers with administration rights on the local station to gain SYSTEM privileges via vectors involving "image path execution hijacking."
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Paloaltonetworks Globalprotect | <=4.0.2 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this vulnerability is CVE-2017-15870.
The title of this vulnerability is 'Palo Alto Networks GlobalProtect Agent before 4.0.3 allows attackers with administration rights on the local station to gain SYSTEM privileges via vectors involving 'image path execution hijacking'.'
The severity level of CVE-2017-15870 is high.
The software affected by CVE-2017-15870 is Palo Alto Networks GlobalProtect Agent version up to and including 4.0.2 on Mac OS X.
To fix this vulnerability, update Palo Alto Networks GlobalProtect Agent to version 4.0.3 or later.