CVE-2025-0141
Unknown
Unknown - Not Provided
BaseFortify
Publication date: 2025-07-09
Last updated on: 2025-07-10
Assigner: Palo Alto Networks, Inc.
Description
Description
An incorrect privilege assignment vulnerability in the Palo Alto Networks GlobalProtect™ App on enables a locally authenticated non administrative user to escalate their privileges to root on macOS and Linux or NT AUTHORITY\SYSTEM on Windows.
The GlobalProtect app on iOS, Android, Chrome OS and GlobalProtect UWP app are not affected.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| paloalto | globalprotect_app | 6.1 |
| paloalto | globalprotect_app | 6.0 |
| paloalto | globalprotect_app | 6.3 |
| paloalto | globalprotect_app | 6.2 |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-426 | The product searches for critical resources using an externally-supplied search path that can point to resources that are not under the product's direct control. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is an incorrect privilege assignment in the Palo Alto Networks GlobalProtect™ App that allows a locally authenticated non-administrative user to escalate their privileges to root on macOS and Linux or to NT\AUTHORITY SYSTEM on Windows.
How can this vulnerability impact me? :
This vulnerability can allow a non-administrative user who has local access to escalate their privileges to the highest level (root or SYSTEM), potentially enabling them to execute unauthorized actions, access sensitive data, or compromise the system integrity.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70