CVE-2023-0009 — Reliance on Untrusted Inputs in a Security Decision in Palo Alto Networks Globalprotect APP

CWE-807 — Reliance on Untrusted Inputs in a Security Decision5 documents5 sources

Severity

7.8HIGHNVD

EPSS

0.1%

top 83.34%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Palo Alto Networks Globalprotect APP Paloaltonetworks Globalprotect Paloalto Globalprotect APP

Timeline

PublishedJun 14

Description

A local privilege escalation (PE) vulnerability in the Palo Alto Networks GlobalProtect app on Windows enables a local user to execute programs with elevated privileges.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages3 packages

▶NVDpaloaltonetworks/globalprotect6.0.0 — 6.0.5+2

▶CVEListV5palo_alto_networks/globalprotect_app6.1 — 6.1.1+2

▶Palo Altopaloalto/globalprotect_app

🔴Vulnerability Details

CVEList

GlobalProtect App: Local Privilege Escalation (PE) Vulnerability↗2023-06-14

▶

GHSA

GHSA-78x2-mpc6-77hm: A local privilege escalation (PE) vulnerability in the Palo Alto Networks GlobalProtect app on Windows enables a local service account or user with to↗2023-06-14

▶

📋Vendor Advisories

Palo Alto

GlobalProtect App: Local Privilege Escalation (PE) Vulnerability↗2023-06-14

▶

VMware

VMware Aria Operations update addresses multiple Local Privilege Escalations and a Deserialization issue (CVE-2023-20877, CVE-2023-20878, CVE-2023-20879, CVE-2023-20880)↗2023-05-11

▶