Palo Alto Networks GlobalProtect App
cpe:2.3:a:paloaltonetworks:globalprotect:*:*:*:*:*:*:*
- >= 6.3.0, < 6.3.3-h1 (6.3.3-c650)
- >= 6.2.0, < 6.2.8
- >= 6.1.0
- >= 6.2.0, < 6.2.8-h2 (6.2.8-c243)
- >= 6.0.0
A privilege escalation vulnerability has been identified in the Palo Alto Networks GlobalProtect App on macOS, Linux, and Windows. This vulnerability allows a locally authenticated non-administrative user to escalate privileges to root on macOS and Linux, or to NT AUTHORITY\SYSTEM on Windows. The issue does not affect the GlobalProtect app on iOS, Android, Chrome OS, or the GlobalProtect UWP app.
Exploitation of this vulnerability allows for unauthorized privilege escalation, enabling a user to gain root access on macOS and Linux systems, or elevated privileges on Windows, allowing access to system-level resources and capabilities.
Users can upgrade to GlobalProtect App version 6.3.3-h1 (6.3.3-c650) or later on macOS and Windows. For GlobalProtect App 6.2, users should upgrade to version 6.2.8-h2 (6.2.8-c243) or later on macOS, Windows, or Linux. Users on GlobalProtect App 6.1 or 6.0 on macOS, Windows, or Linux should upgrade to version 6.2.8-h2 (6.2.8-c243) or 6.3.3-h1 (6.3.3-c650) or later. The GlobalProtect apps on Android, Chrome OS, iOS, and the GlobalProtect UWP app do not require any action.
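One way to apply the upgrade guidance above to a client inventory, as an added example (not Palo Alto Networks code). The platform labels, the `triage` and `report` functions and their return values are hypothetical, the inventory rows are constructed, and it assumes versions are reported in the `-hN` or `-cN` forms shown on this page.

```python
import re

# Fixed releases named in the remediation text: branch -> (patch, hotfix, build)
FIXED = {(6, 2): (8, 2, 243), (6, 3): (3, 1, 650)}
# Apps the page says require no action (labels are this example's own)
UNAFFECTED = {"ios", "android", "chromeos", "uwp"}
_VER = re.compile(r"^(\d+)\.(\d+)\.(\d+)(?:-(h|c)(\d+))?$")

def parse(version):
    """Split '6.2.8-h2' or '6.2.8-c243' into (branch, patch, kind, number)."""
    m = _VER.match(version.strip())
    if not m:
        raise ValueError(f"unrecognised version string: {version!r}")
    major, minor, patch, kind, num = m.groups()
    return (int(major), int(minor)), int(patch), kind, int(num or 0)

def triage(platform, version):
    """Return 'not_affected', 'fixed', 'upgrade' or 'not_covered'."""
    platform = platform.lower()
    if platform in UNAFFECTED:
        return "not_affected"
    branch, patch, kind, num = parse(version)
    if branch in ((6, 0), (6, 1)):
        return "upgrade"        # no fix named in these branches; move to 6.2 or 6.3
    if branch not in FIXED:
        return "not_covered"    # outside the ranges listed on this page
    if branch == (6, 3) and platform == "linux":
        return "not_covered"    # the 6.3 fix is stated for macOS and Windows only
    fix_patch, fix_hotfix, fix_build = FIXED[branch]
    if patch != fix_patch:
        return "fixed" if patch > fix_patch else "upgrade"
    # Same patch level: compare the hotfix (-hN) or build (-cN) number.
    # Assumption: build numbers only increase within one patch release.
    threshold = fix_build if kind == "c" else fix_hotfix
    return "fixed" if num >= threshold else "upgrade"

# Constructed inventory rows (host, platform, reported version), not real data.
INVENTORY = [
    ("lab-01", "windows", "6.3.3-h1"),
    ("lab-02", "macos", "6.3.2"),
    ("lab-03", "linux", "6.2.8"),
    ("lab-04", "linux", "6.1.5"),
    ("lab-05", "ios", "6.1.5"),
]

def report(rows):
    """Map each host to its triage result."""
    return {host: triage(platform, version) for host, platform, version in rows}
```

A `not_covered` result means the page gives no fixed version for that platform and branch, so the vendor advisory should be consulted directly.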