CVE-2024-5921 — Improper Certificate Validation in Palo Alto Networks Globalprotect APP

CWE-295 — Improper Certificate Validation4 documents4 sources

Severity

7.1HIGHNVD

EPSS

0.3%

top 48.82%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Palo Alto Networks Globalprotect APP Paloaltonetworks Globalprotect Paloalto Globalprotect APP

Timeline

PublishedNov 27

Description

An insufficient certification validation issue in the Palo Alto Networks GlobalProtect app enables attackers to connect the GlobalProtect app to arbitrary servers. This can enable a local non-administrative operating system user or an attacker on the same subnet to install malicious root certificates on the endpoint and subsequently install malicious software signed by the malicious root certificates on that endpoint. Please subscribe to our RSS feed https://security.paloaltonetworks.com/rss.xm…

CVSS vector

CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:H/SI:H/SA:H

Affected Packages3 packages

▶NVDpaloaltonetworks/globalprotect6.1.0 — 6.1.6+4

▶CVEListV5palo_alto_networks/globalprotect_app6.3.0 — 6.3.2+6

▶Palo Altopaloalto/globalprotect_app

🔴Vulnerability Details

GHSA

GHSA-ccr5-hmvm-37q5: An insufficient certification validation issue in the Palo Alto Networks GlobalProtect app enables attackers to connect the GlobalProtect app to arbit↗2024-11-27

▶

CVEList

GlobalProtect App: Insufficient Certificate Validation Leads to Privilege Escalation↗2024-11-27

▶

📋Vendor Advisories

Palo Alto

GlobalProtect App: Insufficient Certificate Validation Leads to Privilege Escalation↗

▶