cbcvebase.
CVE-2022-0017
published 2022-02-10

CVE-2022-0017: An improper link resolution before file access ('link following') vulnerability exists in the Palo Alto Networks GlobalProtect app on Windows that enables a…

PriorityP339high7.8CVSS 3.1
AVLACLPRLUINSUCHIHAH
EPSS
0.27%
18.0th percentile
An improper link resolution before file access ('link following') vulnerability exists in the Palo Alto Networks GlobalProtect app on Windows that enables a local attacker to disrupt system processes and potentially execute arbitrary code with SYSTEM privileges under certain circumstances. This issue impacts: GlobalProtect app 5.1 versions earlier than GlobalProtect app 5.1.10 on Windows. GlobalProtect app 5.2 versions earlier than GlobalProtect app 5.2.5 on Windows. This issue does not affect GlobalProtect app on other platforms.

Affected

5 ranges
VendorProductVersion rangeFixed in
palo_alto_networksglobalprotect_app>= 5.1 < 5.1.105.1.10
palo_alto_networksglobalprotect_app>= 5.2 < 5.2.55.2.5
paloaltoglobalprotect_app
paloaltonetworksglobalprotect>= 5.1 < 5.1.105.1.10
paloaltonetworksglobalprotect>= 5.2 < 5.2.55.2.5

CVSS provenance

nvdv3.17.8HIGHCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvdv2.06.9MEDIUMAV:L/AC:M/Au:N/C:C/I:C/A:C
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.