CVE-2025-0141
GlobalProtect App: Privilege Escalation (PE) Vulnerability
CVSS Score
0.0
EPSS Score
0.0%
EPSS Percentile
0th
An incorrect privilege assignment vulnerability in the Palo Alto Networks GlobalProtect™ App on enables a locally authenticated non administrative user to escalate their privileges to root on macOS and Linux or NT AUTHORITY\SYSTEM on Windows. The GlobalProtect app on iOS, Android, Chrome OS and GlobalProtect UWP app are not affected.
| CWE | CWE-426 |
| Vendor | palo alto networks |
| Product | globalprotect app |
| Published | Jul 9, 2025 |
| Last Updated | Feb 26, 2026 |
Stay Ahead of the Next One
Get instant alerts for palo alto networks globalprotect app
Be the first to know when new unknown vulnerabilities affecting palo alto networks globalprotect app are published — delivered to Slack, Telegram or Discord.
Get Free Alerts →
Free · No credit card · 60 sec setup
Affected Versions
Palo Alto Networks / GlobalProtect App
6.3.0 < 6.3.3-h1 (6.3.3-c650) 6.2.0 < 6.2.8-h2 (6.2.8-c243) 6.1.0 6.0.0
Palo Alto Networks / GlobalProtect App
All versions affected Palo Alto Networks / GlobalProtect UWP App
All versions affected Palo Alto Networks / GlobalProtect App
6.2.0 < 6.2.8 6.1.0 6.0.0
References
Credits
Alex Bourla Graham Brereton ([email protected])