CVE-2025-2183 — Improper Certificate Validation in Palo Alto Networks Globalprotect APP

CWE-295 — Improper Certificate Validation CWE-125 — Out-of-bounds Read6 documents6 sources

Severity

5.3MEDIUMNVD

EPSS

0.0%

top 95.76%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Palo Alto Networks Globalprotect APP Paloalto Global Protect UWP APP Paloalto Globalprotect APP

Timeline

PublishedAug 13

Description

An insufficient certificate validation issue in the Palo Alto Networks GlobalProtect™ app enables attackers to connect the GlobalProtect app to arbitrary servers. This can enable a local non-administrative operating system user or an attacker on the same subnet to install malicious root certificates on the endpoint and subsequently install malicious software signed by the malicious root certificates on that endpoint.

CVSS vector

CVSS:4.0/AV:P/AC:L/AT:P/PR:N/UI:P/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N

Affected Packages3 packages

▶CVEListV5palo_alto_networks/globalprotect_app6.3.0 — 6.3.3-h2 (6.3.3-c676)+5

▶Palo Altopaloalto/globalprotect_app

▶Palo Altopaloalto/global_protect_uwp_app

🔴Vulnerability Details

CVEList

GlobalProtect App: Improper Certificate Validation Leads to Privilege Escalation↗2025-08-13

▶

GHSA

GHSA-v76x-c74h-522h: An insufficient certificate validation issue in the Palo Alto Networks GlobalProtect™ app enables attackers to connect the GlobalProtect app to arbitr↗2025-08-13

▶

📋Vendor Advisories

Microsoft

Out-of-bounds Read in vim/vim↗2022-06-14

▶

Palo Alto

GlobalProtect App: Improper Certificate Validation Leads to Privilege Escalation↗

▶