CVE-2025-0117
GlobalProtect App: Local Privilege Escalation (PE) Vulnerability
CVSS Score
0.0
EPSS Score
0.0%
EPSS Percentile
0th
A reliance on untrusted input for a security decision in the GlobalProtect app on Windows devices potentially enables a locally authenticated non-administrative Windows user to escalate their privileges to NT AUTHORITY\SYSTEM. GlobalProtect App on macOS, Linux, iOS, Android, Chrome OS and GlobalProtect UWP App are not affected.
| CWE | CWE-807 |
| Vendor | palo alto networks |
| Product | globalprotect app |
| Published | Mar 12, 2025 |
| Last Updated | Feb 26, 2026 |
Stay Ahead of the Next One
Get instant alerts for palo alto networks globalprotect app
Be the first to know when new unknown vulnerabilities affecting palo alto networks globalprotect app are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
Affected Versions
Palo Alto Networks / GlobalProtect App
6.3.0 < 6.3.3 6.2.0 < 6.2.6 6.1.0 < 10.2.14 6.0.0 < 10.1.14-h11
Palo Alto Networks / GlobalProtect App
All versions affected Palo Alto Networks / GlobalProtect UWP App
All versions affected References
Credits
Maxime ESCOURBIAC, Michelin CERT Yassine BENGANA, Abicom for Michelin CERT Handelsbanken AB F-Secure