CVE-2020-2032
published 2020-06-10CVE-2020-2032: A race condition vulnerability Palo Alto Networks GlobalProtect app on Windows allows a local limited Windows user to execute programs with SYSTEM privileges…
PriorityP430high7CVSS 3.1
AVLACHPRLUINSUCHIHAH
EPSS
0.21%
11.5th percentile
A race condition vulnerability Palo Alto Networks GlobalProtect app on Windows allows a local limited Windows user to execute programs with SYSTEM privileges. This issue can be exploited only while performing a GlobalProtect app upgrade. This issue affects: GlobalProtect app 5.0 versions earlier than GlobalProtect app 5.0.10 on Windows; GlobalProtect app 5.1 versions earlier than GlobalProtect app 5.1.4 on Windows.
Affected
5 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| palo_alto_networks | globalprotect_app | >= 5.0 < 5.0.10 | 5.0.10 |
| palo_alto_networks | globalprotect_app | >= 5.1 < 5.1.4 | 5.1.4 |
| paloalto | globalprotect_app | — | — |
| paloaltonetworks | globalprotect | >= 5.0.0 < 5.0.10 | 5.0.10 |
| paloaltonetworks | globalprotect | >= 5.1.0 < 5.1.4 | 5.1.4 |
CVSS provenance
nvdv3.17.0HIGHCVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
nvdv2.06.9MEDIUMAV:L/AC:M/Au:N/C:C/I:C/A:C
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Palo Alto
GlobalProtect App: File race condition vulnerability leads to local privilege escalation during upgrade
vendor_paloalto·2020-06-10·CVSS 7.0
CVE-2020-2032 [HIGH] CWE-367 GlobalProtect App: File race condition vulnerability leads to local privilege escalation during upgrade
GlobalProtect App: File race condition vulnerability leads to local privilege escalation during upgrade
A race condition vulnerability Palo Alto Networks GlobalProtect app on Windows allows a local limited Windows user to execute programs with SYSTEM privileges.
This issue can be exploited only while performing a GlobalProtect app upgrade.
Affected products: GlobalProtect App
Solution: This issue is fixed in GlobalProtect app 5.0.10, GlobalProtect app 5.1.4, and all later GlobalProtect app versions.
GHSA
GHSA-gmfm-xrwm-phqh: A race condition vulnerability Palo Alto Networks GlobalProtect app on Windows allows a local limited Windows user to execute programs with SYSTEM pri
ghsa_unreviewed·2022-05-24
CVE-2020-2032 [MEDIUM] GHSA-gmfm-xrwm-phqh: A race condition vulnerability Palo Alto Networks GlobalProtect app on Windows allows a local limited Windows user to execute programs with SYSTEM pri
A race condition vulnerability Palo Alto Networks GlobalProtect app on Windows allows a local limited Windows user to execute programs with SYSTEM privileges. This issue can be exploited only while performing a GlobalProtect app upgrade. This issue affects: GlobalProtect app 5.0 versions earlier than GlobalProtect app 5.0.10 on Windows; GlobalProtect app 5.1 versions earlier than GlobalProtect app 5.1.4 on Windows.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2020-06-10
Published