CVE-2025-0117
Published 2025-03-12
CVE-2025-0117: A reliance on untrusted input for a security decision in the GlobalProtect app on Windows devices potentially enables a locally authenticated…
Priority: P4 · 23 · high · 7.1 (CVSS 4.0)
CVSS 4.0 vector: AV:L/AC:L/AT:N/PR:L/UI:P/VC:N/VI:H/VA:N/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:U/V:D/RE:M/U:Amber
EPSS: 0.15% (4.6th percentile)
A reliance on untrusted input for a security decision in the GlobalProtect app on Windows devices potentially enables a locally authenticated non-administrative Windows user to escalate their privileges to NT AUTHORITY\SYSTEM.
GlobalProtect App on macOS, Linux, iOS, Android, Chrome OS and GlobalProtect UWP App are not affected.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| palo_alto_networks | globalprotect_app | >= 6.0.0 < 10.1.14-h11 | 10.1.14-h11 |
| palo_alto_networks | globalprotect_app | >= 6.1.0 < 10.2.14 | 10.2.14 |
| palo_alto_networks | globalprotect_app | >= 6.2.0 < 6.2.6 | 6.2.6 |
| palo_alto_networks | globalprotect_app | >= 6.3.0 < 6.3.3 | 6.3.3 |
| paloalto | globalprotect_app | — | — |
| paloalto | globalprotect_uwp_app | — | — |
Palo Alto
GlobalProtect App: Local Privilege Escalation (PE) Vulnerability
vendor_paloalto·CVSS 7.1
CVE-2025-0117 [HIGH] CWE-807 GlobalProtect App: Local Privilege Escalation (PE) Vulnerability
Affected products: GlobalProtect App, GlobalProtect UWP App
Solution:
| Version | Suggested solution |
|---|---|
| GlobalProtect App 6.3 on Windows | Upgrade to 6.3.3 or later* |
| GlobalProtect App 6.2 on Windows | Upgrade to 6.2.6 or later* |
| GlobalProtect App 6.1 on Windows | Upgrade to 6.2.6 or later or upgrade to 6.3.3 or later* |
| GlobalProtect App 6.0 on Windows | Upgrade to 6.0.12 or later or upgrade to 6.2.6 or later or upg |
GHSA
GHSA-vhjm-w3vw-g6jw: A reliance on untrusted input for a security decision in the GlobalProtect app on Windows devices potentially enables a locally authenticated non-admi
ghsa_unreviewed·2025-03-12
CVE-2025-0117 [HIGH] CWE-807 GHSA-vhjm-w3vw-g6jw: A reliance on untrusted input for a security decision in the GlobalProtect app on Windows devices potentially enables a locally authenticated non-admi
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
Published: 2025-03-12