cbcvebase.
CVE-2025-2183
published 2025-08-13

CVE-2025-2183: An insufficient certificate validation issue in the Palo Alto Networks GlobalProtect™ app enables attackers to connect the GlobalProtect app to arbitrary…

PriorityP426medium5.3CVSS 4.0
AVPACLATPPRNUIPVCHVIHVANSCNSINSANEXCRXIRXARXMAVXMACXMATXMPRXMUIXMVCXMVIXMVAXMSCXMSIXMSAXSXAUNRUVDREXUAmber
EPSS
0.11%
1.5th percentile
An insufficient certificate validation issue in the Palo Alto Networks GlobalProtect™ app enables attackers to connect the GlobalProtect app to arbitrary servers. This can enable a local non-administrative operating system user or an attacker on the same subnet to install malicious root certificates on the endpoint and subsequently install malicious software signed by the malicious root certificates on that endpoint.

Affected

9 ranges
VendorProductVersion rangeFixed in
msrccbl2_vim_8.2.5172-1_on_cbl_mariner_2.0
palo_alto_networksglobalprotect_app
palo_alto_networksglobalprotect_app
palo_alto_networksglobalprotect_app>= 6.2.0 < 6.2.8-h3 (6.2.8-c263)6.2.8-h3 (6.2.8-c263)
palo_alto_networksglobalprotect_app>= 6.2.0 < 11.1.1011.1.10
palo_alto_networksglobalprotect_app>= 6.3.0 < 6.3.3-h2 (6.3.3-c676)6.3.3-h2 (6.3.3-c676)
palo_alto_networksglobalprotect_app>= 6.3.0 < 6.3.36.3.3
paloaltoglobal_protect_uwp_app
paloaltoglobalprotect_app

CVSS provenance

nvdv4.05.3MEDIUMCVSS:4.0/AV:P/AC:L/AT:P/PR:N/UI:P/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:U/V:D/RE:X/U:Amber
vendor_msrc7.8HIGH
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.