cbcvebase.
CVE-2023-0009
published 2023-06-14

CVE-2023-0009: A local privilege escalation (PE) vulnerability in the Palo Alto Networks GlobalProtect app on Windows enables a local user to execute programs with elevated…

PriorityP338high7.8CVSS 3.1
AVLACLPRLUINSUCHIHAH
EPSS
0.18%
7.7th percentile
A local privilege escalation (PE) vulnerability in the Palo Alto Networks GlobalProtect app on Windows enables a local user to execute programs with elevated privileges.

Affected

7 ranges
VendorProductVersion rangeFixed in
palo_alto_networksglobalprotect_app>= 5.2 < 5.2.135.2.13
palo_alto_networksglobalprotect_app>= 6.0 < 6.0.56.0.5
palo_alto_networksglobalprotect_app>= 6.1 < 6.1.16.1.1
paloaltoglobalprotect_app
paloaltonetworksglobalprotect< 5.2.135.2.13
paloaltonetworksglobalprotect
paloaltonetworksglobalprotect>= 6.0.0 < 6.0.56.0.5
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.