CVE-2026-0250
published 2026-05-13
CVE-2026-0250: A buffer overflow vulnerability exists in the Palo Alto Networks GlobalProtect™ app that enables a man in the middle attacker to disrupt system processes and…
Priority: P4 31 · medium · 5.2 (CVSS 4.0)
CVSS 4.0 vector: AV:A/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:U/V:D/RE:M/U:Amber
EPSS
0.21%
11.0th percentile
A buffer overflow vulnerability exists in the Palo Alto Networks GlobalProtect™ app that enables a man in the middle attacker to disrupt system processes and potentially execute arbitrary code with SYSTEM privileges. This vulnerability is triggered during the processing of requests and responses exchanged between Portal and Gateway.
The GlobalProtect app on iOS is not affected.
Affected
10 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| palo_alto_networks | globalprotect_app | >= 6.0 < 6.0.13 | 6.0.13 |
| palo_alto_networks | globalprotect_app | >= 6.0 < 6.0.14 | 6.0.14 |
| palo_alto_networks | globalprotect_app | >= 6.0.0 < 6.0.11 | 6.0.11 |
| palo_alto_networks | globalprotect_app | >= 6.1 < 6.1.13 | 6.1.13 |
| palo_alto_networks | globalprotect_app | >= 6.2.0 < 6.2.8-h10 (6.2.8-948) | 6.2.8-h10 (6.2.8-948) |
| palo_alto_networks | globalprotect_app | >= 6.3.0 < 6.3.3-h9 (6.3.3-999) | 6.3.3-h9 (6.3.3-999) |
| palo_alto_networks | globalprotect_app | >= 6.3.0 < 6.3.3-h2 (6.3.3-42) | 6.3.3-h2 (6.3.3-42) |
| palo_alto_networks | globalprotect_uwp_app | >= 6.3 < 6.3.3-h10 | 6.3.3-h10 |
| paloalto | globalprotect_app | — | — |
| paloalto | globalprotect_uwp_app | — | — |
GHSA
GHSA-mv4m-c9mp-36jr: A buffer overflow vulnerability exists in the Palo Alto Networks GlobalProtect™ app that enables a man in the middle attacker to disrupt system proces
ghsa_unreviewed·2026-05-13
CVE-2026-0250 [MEDIUM] CWE-787 GHSA-mv4m-c9mp-36jr: A buffer overflow vulnerability exists in the Palo Alto Networks GlobalProtect™ app that enables a man in the middle attacker to disrupt system proces
VulDB
Palo Alto GlobalProtect App/GlobalProtect UWP App prior 6.3.3-h9 (6.3.3-999) out-of-bounds write (EUVD-2026-30101)
vuldb·2026-05-13·CVSS 5.2
CVE-2026-0250 [MEDIUM] Palo Alto GlobalProtect App/GlobalProtect UWP App prior 6.3.3-h9 (6.3.3-999) out-of-bounds write (EUVD-2026-30101)
A vulnerability, which was classified as critical, was found in Palo Alto GlobalProtect App and GlobalProtect UWP App. This impacts an unknown function. Such manipulation leads to out-of-bounds write.
This vulnerability is referenced as CVE-2026-0250. The attack needs to be initiated within the local network. No exploit is available.
You should upgrade the affected component.
Palo Alto
GlobalProtect App: Buffer Overflow Vulnerability during connection to Portal or Gateway
vendor_paloalto·CVSS 5.2
CVE-2026-0250 [MEDIUM] CWE-787 GlobalProtect App: Buffer Overflow Vulnerability during connection to Portal or Gateway
Affected products: GlobalProtect App, GlobalProtect UWP App
Solution:
| Version | Minor version | Suggested solution |
|---|---|---|
| GlobalProtect App 6.3 on Windows | 6.3.0 through 6.3.3-h8 | Upgrade to 6.3.3-h9 (6.3.3-999) or later. |
| GlobalProtect App 6.2 on Windows | 6.2.0 through 6.2.8-h9 | Upgrade to 6.2.8-h10 (6.2.8-948) or later. |

GlobalProtect App 6
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2026-05-13
Published