CVE-2025-0140: Incorrect Privilege Assignment in Palo Alto Networks GlobalProtect App

Severity: 6.8 MEDIUM (NVD)
EPSS: 0.0% (top 92.41%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline
Published: Jul 9
Latest update: Jul 10

Description

An incorrect privilege assignment vulnerability in the Palo Alto Networks GlobalProtect™ App on macOS devices enables a locally authenticated non-administrative user to disable the app even if the GlobalProtect app configuration would not normally permit them to do so. The GlobalProtect app on Windows, Linux, iOS, Android, Chrome OS and the GlobalProtect UWP app are not affected.

CVSS vector

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Affected Packages: 3 packages

CVEListV5 | palo_alto_networks/globalprotect_app | 6.3.0 | 6.3.3-h1 (6.3.3-c650) | +3

🔴 Vulnerability Details (2)

GHSA (2025-07-10): GHSA-crx9-q52p-mh39: An incorrect privilege assignment vulnerability in the Palo Alto Networks GlobalProtect™ App on macOS and Linux devices enables a locally authenticate
CVEList (2025-07-09): GlobalProtect App: Non Admin User Can Disable the GlobalProtect App

📋 Vendor Advisories (1)

Palo Alto: GlobalProtect App: Non Admin User Can Disable the GlobalProtect App