CVE-2024-9473: GlobalProtect App: Local Privilege Escalation (PE) Vulnerability
First published: Wed Oct 09 2024(Updated: )
A privilege escalation vulnerability in the Palo Alto Networks GlobalProtect app on Windows allows a locally authenticated non-administrative Windows user to escalate their privileges to NT AUTHORITY/SYSTEM through the use of the repair functionality offered by the .msi file used to install GlobalProtect.
Credit: psirt@paloaltonetworks.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Paloaltonetworks Globalprotect | >=5.1<6.2.5 | |
| Paloaltonetworks Globalprotect | =6.3.0 | |
| Paloaltonetworks Globalprotect | =6.3.1 |
Remedy
This issue is fixed in GlobalProtect app 6.2.5, and will be fixed in the remaining supported versions of GlobalProtect app listed in the Product Status section. Updates will be published to this advisory as they become available. Customers who want to upgrade should reach out to customer support at https://support.paloaltonetworks.com .
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- agent/title
- agent/references
- agent/weakness
- agent/remedy
- agent/type
- agent/description
- agent/first-publish-date
- agent/author
- agent/event
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/severity
- agent/softwarecombine
- agent/tags
- collector/epss-latest
- source/FIRST
- agent/epss
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- vendor/paloaltonetworks
- canonical/paloaltonetworks globalprotect
- version/paloaltonetworks globalprotect/5.1
- version/paloaltonetworks globalprotect/6.3.0
- version/paloaltonetworks globalprotect/6.3.1