cbcvebase.
CVE-2021-3057
published 2021-10-13

CVE-2021-3057: A stack-based buffer overflow vulnerability exists in the Palo Alto Networks GlobalProtect app that enables a man-in-the-middle attacker to disrupt system…

PriorityP345high8.1CVSS 3.1
AVNACHPRNUINSUCHIHAH
EPSS
1.38%
68.8th percentile
A stack-based buffer overflow vulnerability exists in the Palo Alto Networks GlobalProtect app that enables a man-in-the-middle attacker to disrupt system processes and potentially execute arbitrary code with SYSTEM privileges. This issue impacts: GlobalProtect app 5.1 versions earlier than GlobalProtect app 5.1.9 on Windows; GlobalProtect app 5.2 versions earlier than GlobalProtect app 5.2.8 on Windows; GlobalProtect app 5.2 versions earlier than GlobalProtect app 5.2.8 on the Universal Windows Platform; GlobalProtect app 5.3 versions earlier than GlobalProtect app 5.3.1 on Linux.

Affected

13 ranges
VendorProductVersion rangeFixed in
palo_alto_networksglobalprotect_app>= 5.1 < 5.1.95.1.9
palo_alto_networksglobalprotect_app>= 5.2 < 5.2.85.2.8
palo_alto_networksglobalprotect_app>= 5.3 < 5.3.15.3.1
paloaltoglobalprotect_app
paloaltonetworksglobalprotect
paloaltonetworksglobalprotect5.0 – 5.0.8
paloaltonetworksglobalprotect5.0 – 5.0.9
paloaltonetworksglobalprotect5.0 – 5.0.10
paloaltonetworksglobalprotect>= 5.1 < 5.1.95.1.9
paloaltonetworksglobalprotect5.1 – 5.1.1
paloaltonetworksglobalprotect5.1.0 – 5.1.4
paloaltonetworksglobalprotect>= 5.2 < 5.2.85.2.8
paloaltonetworksglobalprotect>= 5.3 < 5.3.15.3.1

CVSS provenance

nvdv3.18.1HIGHCVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv2.09.3CRITICALAV:N/AC:M/Au:N/C:C/I:C/A:C
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.