First published: Wed Apr 08 2020
An unquoted search path vulnerability in the Windows release of Global Protect Agent allows an authenticated local user with file creation privileges on the root of the OS disk (C:\) or in the Program Files directory to gain system privileges. This issue affects Palo Alto Networks GlobalProtect Agent on Windows: 5.0 versions before 5.0.5 and 4.1 versions before 4.1.13.
Credit: psirt@paloaltonetworks.com
Affected Software | Affected Version | How to fix |
---|---|---|
Paloaltonetworks Globalprotect | >=4.1.0 <4.1.13 | |
Paloaltonetworks Globalprotect | >=5.0.0 <5.0.5 | |
This issue is fixed in Global Protect Agent 5.0.5, Global Protect Agent 4.1.13 and all later versions.
CVE-2020-1988 is an unquoted search path vulnerability in the Windows release of Global Protect Agent that allows an authenticated local user to gain system privileges.
An attacker can exploit CVE-2020-1988 by placing a malicious executable in an unquoted path that is used by the Global Protect Agent during startup, which can lead to arbitrary code execution with system privileges.
Palo Alto Networks GlobalProtect Agent 4.1 versions from 4.1.0 up to, but not including, 4.1.13 and 5.0 versions from 5.0.0 up to, but not including, 5.0.5 are affected by CVE-2020-1988.
CVE-2020-1988 has a severity rating of 6.7 (high).
To fix CVE-2020-1988, it is recommended to update to the latest version of Palo Alto Networks GlobalProtect Agent, which contains the necessary patches and fixes for this vulnerability.