Palo Alto Networks GlobalProtect App vulnerabilities
29 known vulnerabilities affecting palo_alto_networks/globalprotect_app.
Total CVEs: 29
CISA KEV: 0
Public exploits: 0
Exploited in wild: 0
Severity breakdown: HIGH 11, MEDIUM 17, LOW 1
Vulnerabilities
Page 2 of 2
CVE-2022-0016 | HIGH | CVSS 7.8 | CWE-703 | ≥ 5.2, < 5.2.9 | 2022-02-10
An improper handling of exceptional conditions vulnerability exists within the Connect Before Logon feature of the Palo Alto Networks GlobalProtect app that enables a local attacker to escalate to SYSTEM or root privileges when authenticating with Connect Before Logon under certain circumstances. This issue impacts GlobalProtect app 5.2 versions earlier
cvelistv5, nvd
CVE-2022-0019 | MEDIUM | CVSS 5.5 | CWE-522 | ≥ 5.3, < 5.3.2; ≥ 5.2, ≤ 5.2.7; +1 more | 2022-02-10
An insufficiently protected credentials vulnerability exists in the Palo Alto Networks GlobalProtect app on Linux that exposes the hashed credentials of GlobalProtect users that saved their password during previous GlobalProtect app sessions to other local users on the system. The exposed credentials enable a local attacker to authenticate to the Glob
cvelistv5, nvd
CVE-2022-0018 | MEDIUM | CVSS 6.5 | CWE-201 | ≥ 5.2, < 5.2.9; ≥ 5.1, < 5.1.10 | 2022-02-10
An information exposure vulnerability exists in the Palo Alto Networks GlobalProtect app on Windows and MacOS where the credentials of the local user account are sent to the GlobalProtect portal when the Single Sign-On feature is enabled in the GlobalProtect portal configuration. This product behavior is intentional and poses no security risk when conn
cvelistv5, nvd
CVE-2022-0021 | MEDIUM | CVSS 5.5 | CWE-532 | ≥ 5.2, < 5.2.9 | 2022-02-10
An information exposure through log file vulnerability exists in the Palo Alto Networks GlobalProtect app on Windows that logs the cleartext credentials of the connecting GlobalProtect user when authenticating using Connect Before Logon feature. This issue impacts GlobalProtect App 5.2 versions earlier than 5.2.9 on Windows. This issue does not affect
cvelistv5, nvd
CVE-2021-3057 | HIGH | CVSS 8.1 | CWE-121 | ≥ 5.1, < 5.1.9; ≥ 5.2, < 5.2.8; +1 more | 2021-10-13
A stack-based buffer overflow vulnerability exists in the Palo Alto Networks GlobalProtect app that enables a man-in-the-middle attacker to disrupt system processes and potentially execute arbitrary code with SYSTEM privileges. This issue impacts: GlobalProtect app 5.1 versions earlier than GlobalProtect app 5.1.9 on Windows; GlobalProtect app 5.2 versio
cvelistv5, nvd
CVE-2021-3038 | MEDIUM | CVSS 5.5 | CWE-20 | ≥ 5.1, < 5.1.8; ≥ 5.2, < 5.2.4 | 2021-04-20
A denial-of-service (DoS) vulnerability in Palo Alto Networks GlobalProtect app on Windows systems allows a limited Windows user to send specifically-crafted input to the GlobalProtect app that results in a Windows blue screen of death (BSOD) error. This issue impacts: GlobalProtect app 5.1 versions earlier than GlobalProtect app 5.1.8; GlobalProtect a
cvelistv5, nvd
CVE-2020-2032 | HIGH | CVSS 7.0 | CWE-367 | ≥ 5.1, < 5.1.4; ≥ 5.0, < 5.0.10 | 2020-06-10
A race condition vulnerability in Palo Alto Networks GlobalProtect app on Windows allows a local limited Windows user to execute programs with SYSTEM privileges. This issue can be exploited only while performing a GlobalProtect app upgrade. This issue affects: GlobalProtect app 5.0 versions earlier than GlobalProtect app 5.0.10 on Windows; GlobalProtect ap
cvelistv5, nvd
CVE-2020-2033 | MEDIUM | CVSS 5.3 | CWE-290 | ≥ 5.1, < 5.1.4; ≥ 5.0, < 5.0.10 | 2020-06-10
When the pre-logon feature is enabled, a missing certificate validation in Palo Alto Networks GlobalProtect app can disclose the pre-logon authentication cookie to a man-in-the-middle attacker on the same local area network segment with the ability to manipulate ARP or to conduct ARP spoofing attacks. This allows the attacker to access the GlobalPro
cvelistv5, nvd
CVE-2020-2004 | MEDIUM | CVSS 5.5 | CWE-534 | ≥ 5.0, < 5.0.9; ≥ 5.1, < 5.1.2 | 2020-05-13
Under certain circumstances a user's password may be logged in cleartext in the PanGPS.log diagnostic file when logs are collected for troubleshooting on GlobalProtect app (also known as GlobalProtect Agent) for MacOS and Windows. For this issue to occur all of these conditions must be true: (1) 'Save User Credential' option should be set to 'Yes' in
cvelistv5, nvd