What is CVE-2020-1988?

CVE-2020-1988 is an unquoted search path vulnerability in the Windows release of Global Protect Agent that allows an authenticated local user to gain system privileges.

How can an attacker exploit CVE-2020-1988?

An attacker can exploit CVE-2020-1988 by placing a malicious executable in an unquoted path that is used by the Global Protect Agent during startup, which can lead to arbitrary code execution with system privileges.

Which versions of Palo Alto Networks GlobalProtect Agent are affected by CVE-2020-1988?

Palo Alto Networks GlobalProtect Agent versions 4.1.0 to 4.1.13 and versions 5.0.0 to 5.0.5 are affected by CVE-2020-1988.

What is the severity of CVE-2020-1988?

CVE-2020-1988 has a severity rating of 6.7 (high).

How to fix CVE-2020-1988?

To fix CVE-2020-1988, it is recommended to update to the latest version of Palo Alto Networks GlobalProtect Agent, which contains the necessary patches and fixes for this vulnerability.

Vulnerability/
CVE-2020-1988

high

7.2

CWE

428

8/4/2020

4/8/2024

CVE-2020-1988: Global Protect Agent: Local privilege escalation due to an unquoted search path vulnerability

First published: Wed Apr 08 2020(Updated: )

An unquoted search path vulnerability in the Windows release of Global Protect Agent allows an authenticated local user with file creation privileges on the root of the OS disk (C:\) or to Program Files directory to gain system privileges. This issue affects Palo Alto Networks GlobalProtect Agent 5.0 versions before 5.0.5; 4.1 versions before 4.1.13 on Windows;

Credit: psirt@paloaltonetworks.com

Affected Software	Affected Version	How to fix
Paloaltonetworks Globalprotect	>=4.1.0<4.1.13
Paloaltonetworks Globalprotect	>=5.0.0<5.0.5

Remedy

This issue is fixed in Global Protect Agent 5.0.5, Global Protect Agent 4.1.13 and all later versions.

Never miss a vulnerability like this again

Reference Links

https://security.paloaltonetworks.com/CVE-2020-1988

Frequently Asked Questions

What is CVE-2020-1988?
CVE-2020-1988 is an unquoted search path vulnerability in the Windows release of Global Protect Agent that allows an authenticated local user to gain system privileges.
How can an attacker exploit CVE-2020-1988?
An attacker can exploit CVE-2020-1988 by placing a malicious executable in an unquoted path that is used by the Global Protect Agent during startup, which can lead to arbitrary code execution with system privileges.
Which versions of Palo Alto Networks GlobalProtect Agent are affected by CVE-2020-1988?
Palo Alto Networks GlobalProtect Agent versions 4.1.0 to 4.1.13 and versions 5.0.0 to 5.0.5 are affected by CVE-2020-1988.
What is the severity of CVE-2020-1988?
CVE-2020-1988 has a severity rating of 6.7 (high).
How to fix CVE-2020-1988?
To fix CVE-2020-1988, it is recommended to update to the latest version of Palo Alto Networks GlobalProtect Agent, which contains the necessary patches and fixes for this vulnerability.

collector/nvd-index
agent/type
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/references
agent/title
agent/weakness
agent/remedy
agent/severity
agent/last-modified-date
agent/author
agent/description
agent/first-publish-date
agent/tags
agent/event
vendor/paloaltonetworks
canonical/paloaltonetworks globalprotect
version/paloaltonetworks globalprotect/4.1.0
version/paloaltonetworks globalprotect/5.0.0

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.