Palo Alto Networks GlobalProtect App Local Privilege Escalation Vulnerability

Vulnerability

A local privilege escalation vulnerability has been identified in the Palo Alto Networks GlobalProtect app, allowing users to escalate privileges to NT AUTHORITY\SYSTEM on Windows and root on macOS and Linux. This vulnerability enables non-administrative users to execute arbitrary commands with administrative rights. The issue affects GlobalProtect App versions prior to 6.3.3-h9 on Windows, macOS, and Linux, as well as versions prior to 6.2.8-h10 on Windows and macOS. The vulnerability is not present in the GlobalProtect app on iOS, Android, Chrome OS, or the GlobalProtect UWP app.

Impact

Exploitation of this vulnerability allows for local privilege escalation, enabling a user to gain administrative rights and execute commands with elevated privileges.

Remediation

Users can upgrade to GlobalProtect App version 6.3.3-h9 (6.3.3-999) or later on Windows, macOS, and Linux. For GlobalProtect App 6.2, users should upgrade to version 6.2.8-h10 (6.2.8-948) or later on Windows and macOS. Linux users should upgrade to version 6.3.3-h2 (6.3.3-42) or later. No action is needed for GlobalProtect App on Android, Chrome OS, iOS, or UWP.
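The version thresholds above can be applied to an endpoint inventory; the following is an added example, not code from Palo Alto Networks or from this page. The platform labels, the accepted version-string forms (`6.3.3-h9` hotfix form and `6.3.3-999` build form) and the inventory rows are assumptions, and because the page lists two fixed builds for Linux the example uses the higher one.

```python
import re

# Fixed releases from the Remediation paragraph: (base version, hotfix number, build number).
FIXED = {
    "6.3": ((6, 3, 3), 9, 999),    # 6.3.3-h9 (6.3.3-999): Windows, macOS
    "6.2": ((6, 2, 8), 10, 948),   # 6.2.8-h10 (6.2.8-948): Windows, macOS
    # Assumption: the page also lists 6.3.3-h2 (6.3.3-42) for Linux; the higher build is used.
    "linux": ((6, 3, 3), 9, 999),
}
NOT_AFFECTED = {"ios", "android", "chromeos", "uwp"}
_VERSION = re.compile(r"^(\d+)\.(\d+)\.(\d+)(?:-(h?)(\d+))?$")


def parse_version(text):
    """Return (base tuple, is_build_form, suffix number) for '6.3.3', '6.3.3-h9' or '6.3.3-999'."""
    m = _VERSION.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised version string: {text!r}")
    base = tuple(int(p) for p in m.group(1, 2, 3))
    suffix = m.group(5)
    is_build = suffix is not None and m.group(4) == ""
    return base, is_build, int(suffix or 0)


def needs_upgrade(platform, version):
    """True if this install is below the fixed release the page gives for its platform."""
    platform = platform.lower()
    if platform in NOT_AFFECTED:
        return False
    if platform not in {"windows", "macos", "linux"}:
        raise ValueError(f"unknown platform: {platform!r}")
    base, is_build, number = parse_version(version)
    if platform == "linux":
        train = "linux"              # no 6.2 fix is listed for Linux
    else:
        train = "6.2" if base[:2] <= (6, 2) else "6.3"
    fixed_base, fixed_hotfix, fixed_build = FIXED[train]
    if base != fixed_base:
        return base < fixed_base     # older maintenance release: affected
    return number < (fixed_build if is_build else fixed_hotfix)


# Constructed inventory rows (hostname, platform, reported version), not real data.
INVENTORY = [("wks-01", "windows", "6.3.3-h8"), ("mac-07", "macos", "6.2.8-948"),
             ("lnx-03", "linux", "6.2.8-h10"), ("wks-02", "windows", "6.3.3-999")]
TO_PATCH = [host for host, plat, ver in INVENTORY if needs_upgrade(plat, ver)]
print(TO_PATCH)
```

A version string with no suffix, such as `6.3.3`, is treated as hotfix 0 and therefore reported as needing the upgrade.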

Added: May 13, 2026, 7:38 PM
Updated: May 13, 2026, 7:38 PM

Vulnerability Rating

Custom Algorithm

spread: 7.6
impact: 10.0
exploitability: 3.6
remediation: 7.7
relevance: 7.8
threat: 0.0
urgency: 5.7
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.