Paloaltonetworks: >> Globalprotect >> 6.1.0 Security Vulnerabilities
DHCP can add routes to a client’s routing table via the classless static route option (121). VPN-based security solutions that rely on routes to redirect traffic can be forced to leak traffic over the physical interface. An attacker on the same local network can read, disrupt, or possibly modify network traffic that was expected to be protected by the VPN.
CVSS Score
7.6
EPSS Score
0.025
Published
2024-05-06
An issue in the Palo Alto Networks GlobalProtect app enables a non-privileged user to disable the GlobalProtect app in configurations that allow a user to disable GlobalProtect with a passcode.
CVSS Score
5.5
EPSS Score
0.0
Published
2024-03-13
A privilege escalation (PE) vulnerability in the Palo Alto Networks GlobalProtect app on Windows devices enables a local user to execute programs with elevated privileges. However, execution requires that the local user is able to successfully exploit a race condition.
CVSS Score
4.5
EPSS Score
0.004
Published
2024-03-13
A local privilege escalation (PE) vulnerability in the Palo Alto Networks GlobalProtect app on Windows enables a local user to execute programs with elevated privileges.
CVSS Score
7.8
EPSS Score
0.0
Published
2023-06-14
A local file deletion vulnerability in the Palo Alto Networks GlobalProtect app on Windows devices enables a user to delete system files from the endpoint with elevated privileges through a race condition.
CVSS Score
6.3
EPSS Score
0.0
Published
2023-04-12
Page 2