CVE-2025-4232 — Improper Neutralization of Wildcards or Matching Symbols in Palo Alto Networks Globalprotect APP

CWE-155 — Improper Neutralization of Wildcards or Matching Symbols4 documents4 sources

Severity

8.5HIGHNVD

EPSS

0.2%

top 53.08%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Palo Alto Networks Globalprotect APP Paloaltonetworks Globalprotect Paloalto Globalprotect APP

Timeline

PublishedJun 13

Description

An improper neutralization of wildcards vulnerability in the log collection feature of Palo Alto Networks GlobalProtect™ app on macOS allows a non administrative user to escalate their privileges to root.

CVSS vector

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Affected Packages3 packages

▶NVDpaloaltonetworks/globalprotect6.0.0 — 6.2.8+1

▶CVEListV5palo_alto_networks/globalprotect_app6.3 — 6.3.3+3

▶Palo Altopaloalto/globalprotect_app

🔴Vulnerability Details

GHSA

GHSA-2qvw-8f7v-j53g: An improper neutralization of wildcards vulnerability in the log collection feature of Palo Alto Networks GlobalProtect™ app on macOS allows a non adm↗2025-06-13

▶

CVEList

GlobalProtect: Authenticated Code Injection Through Wildcard on macOS↗2025-06-12

▶

📋Vendor Advisories

Palo Alto

GlobalProtect: Authenticated Code Injection Through Wildcard on macOS↗

▶