{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-0141", "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0", "state": "PUBLISHED", "assignerShortName": "palo_alto", "dateReserved": "2024-12-20T23:24:48.571Z", "datePublished": "2025-07-09T22:58:54.755Z", "dateUpdated": "2025-07-10T13:00:26.238Z"}, "containers": {"cna": {"affected": [{"cpes": ["cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.7:*:*:*:*:macOS:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.7:*:*:*:*:Windows:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.6:*:*:*:*:macOS:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.6:*:*:*:*:Windows:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.5:*:*:*:*:macOS:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.5:*:*:*:*:Windows:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.4:*:*:*:*:macOS:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.4:*:*:*:*:Windows:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.3:*:*:*:*:macOS:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.3:*:*:*:*:Windows:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.2:*:*:*:*:macOS:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.2:*:*:*:*:Windows:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.1:*:*:*:*:macOS:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.1:*:*:*:*:Windows:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.0:*:*:*:*:macOS:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.0:*:*:*:*:Windows:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.11:*:*:*:*:macOS:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.11:*:*:*:*:Windows:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.10:*:*:*:*:macOS:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.10:*:*:*:*:Windows:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.8:*:*:*:*:macOS:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.8:*:*:*:*:Windows:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.7:*:*:*:*:macOS:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.7:*:*:*:*:Windows:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.6:*:*:*:*:macOS:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.6:*:*:*:*:Windows:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.5:*:*:*:*:macOS:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.5:*:*:*:*:Windows:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.4:*:*:*:*:macOS:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.4:*:*:*:*:Windows:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.3:*:*:*:*:macOS:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.3:*:*:*:*:Windows:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.2:*:*:*:*:macOS:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.2:*:*:*:*:Windows:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.1:*:*:*:*:macOS:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.1:*:*:*:*:Windows:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.0:*:*:*:*:macOS:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.0:*:*:*:*:Windows:*:*"], "defaultStatus": "unaffected", "platforms": ["macOS", "Windows"], "product": "GlobalProtect App", "vendor": "Palo Alto Networks", "versions": [{"changes": [{"at": "6.3.3-h1 (6.3.3-c650)", "status": "unaffected"}], "lessThan": "6.3.3-h1 (6.3.3-c650)", "status": "affected", "version": "6.3.0", "versionType": "custom"}, {"changes": [{"at": "6.2.8-h2 (6.2.8-c243)", "status": "unaffected"}], "lessThan": "6.2.8-h2 (6.2.8-c243)", "status": "affected", "version": "6.2.0", "versionType": "custom"}, {"status": "affected", "version": "6.1.0", "versionType": "custom"}, {"status": "affected", "version": "6.0.0", "versionType": "custom"}]}, {"defaultStatus": "unaffected", "platforms": ["Android", "Chrome OS", "iOS"], "product": "GlobalProtect App", "vendor": "Palo Alto Networks", "versions": [{"status": "unaffected", "version": "All", "versionType": "custom"}]}, {"defaultStatus": "unaffected", "product": "GlobalProtect UWP App", "vendor": "Palo Alto Networks", "versions": [{"status": "unaffected", "version": "All", "versionType": "custom"}]}, {"cpes": ["cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.7:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.6:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.5:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.4:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.3:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.2:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.1:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.0:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.11:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.10:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.8:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.7:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.6:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.5:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.4:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.3:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.2:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.1:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.0:*:*:*:*:Linux:*:*"], "defaultStatus": "unaffected", "platforms": ["Linux"], "product": "GlobalProtect App", "vendor": "Palo Alto Networks", "versions": [{"changes": [{"at": "6.2.8", "status": "unaffected"}], "lessThan": "6.2.8", "status": "affected", "version": "6.2.0", "versionType": "custom"}, {"status": "affected", "version": "6.1.0", "versionType": "custom"}, {"status": "affected", "version": "6.0.0", "versionType": "custom"}]}], "configurations": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "No special configuration is required to be vulnerable to this issue."}], "value": "No special configuration is required to be vulnerable to this issue."}], "credits": [{"lang": "en", "type": "finder", "value": "Alex Bourla"}, {"lang": "en", "type": "finder", "value": "Graham Brereton (graham.brereton@form3.tech)"}], "datePublic": "2025-07-09T16:00:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "An incorrect privilege assignment vulnerability in the Palo Alto Networks GlobalProtect\u2122 App on enables a locally authenticated non administrative user to escalate their privileges to root on macOS and Linux or NT AUTHORITY\\SYSTEM on Windows.<br><br>The GlobalProtect app on iOS, Android, Chrome OS and GlobalProtect UWP app are not affected."}], "value": "An incorrect privilege assignment vulnerability in the Palo Alto Networks GlobalProtect\u2122 App on enables a locally authenticated non administrative user to escalate their privileges to root on macOS and Linux or NT AUTHORITY\\SYSTEM on Windows.\n\nThe GlobalProtect app on iOS, Android, Chrome OS and GlobalProtect UWP app are not affected."}], "exploits": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."}], "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."}], "impacts": [{"capecId": "CAPEC-233", "descriptions": [{"lang": "en", "value": "CAPEC-233 Privilege Escalation"}]}], "metrics": [{"cvssV4_0": {"Automatable": "NO", "Recovery": "USER", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "LOCAL", "baseScore": 8.4, "baseSeverity": "HIGH", "privilegesRequired": "LOW", "providerUrgency": "AMBER", "subAvailabilityImpact": "HIGH", "subConfidentialityImpact": "HIGH", "subIntegrityImpact": "HIGH", "userInteraction": "NONE", "valueDensity": "DIFFUSE", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:H/SI:H/SA:H/AU:N/R:U/V:D/RE:M/U:Amber", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "MODERATE"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-426", "description": "CWE-426 Untrusted Search Path", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0", "shortName": "palo_alto", "dateUpdated": "2025-07-10T00:17:38.636Z"}, "references": [{"tags": ["vendor-advisory"], "url": "https://security.paloaltonetworks.com/CVE-2025-0141"}], "solutions": [{"lang": "eng", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<table class=\"tbl\"><thead><tr><th>Version<br></th><th>Minor Version<br></th><th>Suggested Solution<br></th></tr></thead><tbody><tr>\n <td>GlobalProtect App 6.3 on macOS<br></td>\n <td>6.3.0 through 6.3.3</td>\n <td>Upgrade to 6.3.3-h1 (6.3.3-c650) or later.</td>\n </tr><tr>\n <td>GlobalProtect App 6.3 on Windows<br></td>\n <td>6.3.0 through 6.3.3</td>\n <td>Upgrade to 6.3.3-h1 (6.3.3-c650) or later.</td>\n </tr><tr>\n <td>GlobalProtect App 6.2 on macOS<br></td>\n <td>6.2.0 through 6.2.8</td>\n <td>Upgrade to 6.2.8-h2 (6.2.8-c243) or later.</td>\n </tr><tr>\n <td>GlobalProtect App 6.2 on Windows<br></td>\n <td>6.2.0 through 6.2.8</td>\n <td>Upgrade to 6.2.8-h2 (6.2.8-c243) or later.</td>\n </tr><tr><td>GlobalProtect App 6.1 on macOS</td><td></td><td>Upgrade to 6.2.8-h2 (6.2.8-c243) or 6.3.3-h1 (6.3.3-c650) or later.</td></tr><tr><td>GlobalProtect App 6.1 on Windows</td><td></td><td>Upgrade to 6.2.8-h2 (6.2.8-c243) or 6.3.3-h1 (6.3.3-c650) or later.</td></tr><tr><td>GlobalProtect App 6.0 on macOS</td><td></td><td>Upgrade to 6.2.8-h2 (6.2.8-c243) or 6.3.3-h1 (6.3.3-c650) or later.</td></tr><tr><td>GlobalProtect App 6.0 on Windows</td><td></td><td>Upgrade to 6.2.8-h2 (6.2.8-c243) or 6.3.3-h1 (6.3.3-c650) or later.</td></tr><tr>\n <td>GlobalProtect App 6.2 on Linux<br></td>\n <td>6.2.0 through 6.2.7</td>\n <td>Upgrade to 6.2.8 or later.</td>\n </tr><tr><td>GlobalProtect App 6.1 on Linux</td><td></td><td>Upgrade to 6.2.8 or later.</td></tr><tr><td>GlobalProtect App 6.0 on Linux</td><td></td><td>Upgrade to 6.2.8 or later.</td></tr><tr><td><span>GlobalProtect App on Android, Chrome OS, iOS</span></td><td>&nbsp;</td><td>No action needed.</td></tr><tr><td>GlobalProtect UWP App<br></td><td></td><td>No action needed.</td></tr></tbody></table>"}], "value": "Version\nMinor Version\nSuggested Solution\n\n GlobalProtect App 6.3 on macOS\n\n 6.3.0 through 6.3.3\n Upgrade to 6.3.3-h1 (6.3.3-c650) or later.\n \n GlobalProtect App 6.3 on Windows\n\n 6.3.0 through 6.3.3\n Upgrade to 6.3.3-h1 (6.3.3-c650) or later.\n \n GlobalProtect App 6.2 on macOS\n\n 6.2.0 through 6.2.8\n Upgrade to 6.2.8-h2 (6.2.8-c243) or later.\n \n GlobalProtect App 6.2 on Windows\n\n 6.2.0 through 6.2.8\n Upgrade to 6.2.8-h2 (6.2.8-c243) or later.\n GlobalProtect App 6.1 on macOSUpgrade to 6.2.8-h2 (6.2.8-c243) or 6.3.3-h1 (6.3.3-c650) or later.GlobalProtect App 6.1 on WindowsUpgrade to 6.2.8-h2 (6.2.8-c243) or 6.3.3-h1 (6.3.3-c650) or later.GlobalProtect App 6.0 on macOSUpgrade to 6.2.8-h2 (6.2.8-c243) or 6.3.3-h1 (6.3.3-c650) or later.GlobalProtect App 6.0 on WindowsUpgrade to 6.2.8-h2 (6.2.8-c243) or 6.3.3-h1 (6.3.3-c650) or later.\n GlobalProtect App 6.2 on Linux\n\n 6.2.0 through 6.2.7\n Upgrade to 6.2.8 or later.\n GlobalProtect App 6.1 on LinuxUpgrade to 6.2.8 or later.GlobalProtect App 6.0 on LinuxUpgrade to 6.2.8 or later.GlobalProtect App on Android, Chrome OS, iOS\u00a0No action needed.GlobalProtect UWP App\nNo action needed."}], "source": {"defect": ["GPC-21586"], "discovery": "EXTERNAL"}, "timeline": [{"lang": "en", "time": "2025-07-09T16:00:00.000Z", "value": "Initial Publication"}], "title": "GlobalProtect App: Privilege Escalation (PE) Vulnerability", "workarounds": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "No workaround or mitigation is available."}], "value": "No workaround or mitigation is available."}], "x_affectedList": ["GlobalProtect App 6.1.7", "GlobalProtect App 6.1.6", "GlobalProtect App 6.1.5", "GlobalProtect App 6.1.4", "GlobalProtect App 6.1.3", "GlobalProtect App 6.1.2", "GlobalProtect App 6.1.1", "GlobalProtect App 6.1.0", "GlobalProtect App 6.1", "GlobalProtect App 6.0.11", "GlobalProtect App 6.0.10", "GlobalProtect App 6.0.8", "GlobalProtect App 6.0.7", "GlobalProtect App 6.0.6", "GlobalProtect App 6.0.5", "GlobalProtect App 6.0.4", "GlobalProtect App 6.0.3", "GlobalProtect App 6.0.2", "GlobalProtect App 6.0.1", "GlobalProtect App 6.0.0", "GlobalProtect App 6.0"], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-07-10T03:56:03.900001Z", "id": "CVE-2025-0141", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-07-10T13:00:26.238Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-0141", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-07-10T03:56:03.900001Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-07-10T13:00:21.758Z"}}], "cna": {"title": "GlobalProtect App: Privilege Escalation (PE) Vulnerability", "source": {"defect": ["GPC-21586"], "discovery": "EXTERNAL"}, "credits": [{"lang": "en", "type": "finder", "value": "Alex Bourla"}, {"lang": "en", "type": "finder", "value": "Graham Brereton (graham.brereton@form3.tech)"}], "impacts": [{"capecId": "CAPEC-233", "descriptions": [{"lang": "en", "value": "CAPEC-233 Privilege Escalation"}]}], "metrics": [{"format": "CVSS", "cvssV4_0": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "USER", "baseScore": 8.4, "Automatable": "NO", "attackVector": "LOCAL", "baseSeverity": "HIGH", "valueDensity": "DIFFUSE", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:H/SI:H/SA:H/AU:N/R:U/V:D/RE:M/U:Amber", "providerUrgency": "AMBER", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "LOW", "subIntegrityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "subAvailabilityImpact": "HIGH", "vulnAvailabilityImpact": "NONE", "subConfidentialityImpact": "HIGH", "vulnConfidentialityImpact": "NONE", "vulnerabilityResponseEffort": "MODERATE"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"cpes": ["cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.7:*:*:*:*:macOS:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.7:*:*:*:*:Windows:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.6:*:*:*:*:macOS:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.6:*:*:*:*:Windows:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.5:*:*:*:*:macOS:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.5:*:*:*:*:Windows:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.4:*:*:*:*:macOS:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.4:*:*:*:*:Windows:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.3:*:*:*:*:macOS:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.3:*:*:*:*:Windows:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.2:*:*:*:*:macOS:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.2:*:*:*:*:Windows:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.1:*:*:*:*:macOS:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.1:*:*:*:*:Windows:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.0:*:*:*:*:macOS:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.0:*:*:*:*:Windows:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.11:*:*:*:*:macOS:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.11:*:*:*:*:Windows:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.10:*:*:*:*:macOS:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.10:*:*:*:*:Windows:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.8:*:*:*:*:macOS:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.8:*:*:*:*:Windows:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.7:*:*:*:*:macOS:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.7:*:*:*:*:Windows:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.6:*:*:*:*:macOS:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.6:*:*:*:*:Windows:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.5:*:*:*:*:macOS:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.5:*:*:*:*:Windows:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.4:*:*:*:*:macOS:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.4:*:*:*:*:Windows:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.3:*:*:*:*:macOS:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.3:*:*:*:*:Windows:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.2:*:*:*:*:macOS:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.2:*:*:*:*:Windows:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.1:*:*:*:*:macOS:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.1:*:*:*:*:Windows:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.0:*:*:*:*:macOS:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.0:*:*:*:*:Windows:*:*"], "vendor": "Palo Alto Networks", "product": "GlobalProtect App", "versions": [{"status": "affected", "changes": [{"at": "6.3.3-h1 (6.3.3-c650)", "status": "unaffected"}], "version": "6.3.0", "lessThan": "6.3.3-h1 (6.3.3-c650)", "versionType": "custom"}, {"status": "affected", "changes": [{"at": "6.2.8-h2 (6.2.8-c243)", "status": "unaffected"}], "version": "6.2.0", "lessThan": "6.2.8-h2 (6.2.8-c243)", "versionType": "custom"}, {"status": "affected", "version": "6.1.0", "versionType": "custom"}, {"status": "affected", "version": "6.0.0", "versionType": "custom"}], "platforms": ["macOS", "Windows"], "defaultStatus": "unaffected"}, {"vendor": "Palo Alto Networks", "product": "GlobalProtect App", "versions": [{"status": "unaffected", "version": "All", "versionType": "custom"}], "platforms": ["Android", "Chrome OS", "iOS"], "defaultStatus": "unaffected"}, {"vendor": "Palo Alto Networks", "product": "GlobalProtect UWP App", "versions": [{"status": "unaffected", "version": "All", "versionType": "custom"}], "defaultStatus": "unaffected"}, {"cpes": ["cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.7:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.6:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.5:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.4:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.3:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.2:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.1:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.0:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.11:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.10:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.8:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.7:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.6:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.5:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.4:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.3:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.2:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.1:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.0:*:*:*:*:Linux:*:*"], "vendor": "Palo Alto Networks", "product": "GlobalProtect App", "versions": [{"status": "affected", "changes": [{"at": "6.2.8", "status": "unaffected"}], "version": "6.2.0", "lessThan": "6.2.8", "versionType": "custom"}, {"status": "affected", "version": "6.1.0", "versionType": "custom"}, {"status": "affected", "version": "6.0.0", "versionType": "custom"}], "platforms": ["Linux"], "defaultStatus": "unaffected"}], "exploits": [{"lang": "en", "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue.", "supportingMedia": [{"type": "text/html", "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue.", "base64": false}]}], "timeline": [{"lang": "en", "time": "2025-07-09T16:00:00.000Z", "value": "Initial Publication"}], "solutions": [{"lang": "eng", "value": "Version\nMinor Version\nSuggested Solution\n\n GlobalProtect App 6.3 on macOS\n\n 6.3.0 through 6.3.3\n Upgrade to 6.3.3-h1 (6.3.3-c650) or later.\n \n GlobalProtect App 6.3 on Windows\n\n 6.3.0 through 6.3.3\n Upgrade to 6.3.3-h1 (6.3.3-c650) or later.\n \n GlobalProtect App 6.2 on macOS\n\n 6.2.0 through 6.2.8\n Upgrade to 6.2.8-h2 (6.2.8-c243) or later.\n \n GlobalProtect App 6.2 on Windows\n\n 6.2.0 through 6.2.8\n Upgrade to 6.2.8-h2 (6.2.8-c243) or later.\n GlobalProtect App 6.1 on macOSUpgrade to 6.2.8-h2 (6.2.8-c243) or 6.3.3-h1 (6.3.3-c650) or later.GlobalProtect App 6.1 on WindowsUpgrade to 6.2.8-h2 (6.2.8-c243) or 6.3.3-h1 (6.3.3-c650) or later.GlobalProtect App 6.0 on macOSUpgrade to 6.2.8-h2 (6.2.8-c243) or 6.3.3-h1 (6.3.3-c650) or later.GlobalProtect App 6.0 on WindowsUpgrade to 6.2.8-h2 (6.2.8-c243) or 6.3.3-h1 (6.3.3-c650) or later.\n GlobalProtect App 6.2 on Linux\n\n 6.2.0 through 6.2.7\n Upgrade to 6.2.8 or later.\n GlobalProtect App 6.1 on LinuxUpgrade to 6.2.8 or later.GlobalProtect App 6.0 on LinuxUpgrade to 6.2.8 or later.GlobalProtect App on Android, Chrome OS, iOS\u00a0No action needed.GlobalProtect UWP App\nNo action needed.", "supportingMedia": [{"type": "text/html", "value": "<table class=\"tbl\"><thead><tr><th>Version<br></th><th>Minor Version<br></th><th>Suggested Solution<br></th></tr></thead><tbody><tr>\n <td>GlobalProtect App 6.3 on macOS<br></td>\n <td>6.3.0 through 6.3.3</td>\n <td>Upgrade to 6.3.3-h1 (6.3.3-c650) or later.</td>\n </tr><tr>\n <td>GlobalProtect App 6.3 on Windows<br></td>\n <td>6.3.0 through 6.3.3</td>\n <td>Upgrade to 6.3.3-h1 (6.3.3-c650) or later.</td>\n </tr><tr>\n <td>GlobalProtect App 6.2 on macOS<br></td>\n <td>6.2.0 through 6.2.8</td>\n <td>Upgrade to 6.2.8-h2 (6.2.8-c243) or later.</td>\n </tr><tr>\n <td>GlobalProtect App 6.2 on Windows<br></td>\n <td>6.2.0 through 6.2.8</td>\n <td>Upgrade to 6.2.8-h2 (6.2.8-c243) or later.</td>\n </tr><tr><td>GlobalProtect App 6.1 on macOS</td><td></td><td>Upgrade to 6.2.8-h2 (6.2.8-c243) or 6.3.3-h1 (6.3.3-c650) or later.</td></tr><tr><td>GlobalProtect App 6.1 on Windows</td><td></td><td>Upgrade to 6.2.8-h2 (6.2.8-c243) or 6.3.3-h1 (6.3.3-c650) or later.</td></tr><tr><td>GlobalProtect App 6.0 on macOS</td><td></td><td>Upgrade to 6.2.8-h2 (6.2.8-c243) or 6.3.3-h1 (6.3.3-c650) or later.</td></tr><tr><td>GlobalProtect App 6.0 on Windows</td><td></td><td>Upgrade to 6.2.8-h2 (6.2.8-c243) or 6.3.3-h1 (6.3.3-c650) or later.</td></tr><tr>\n <td>GlobalProtect App 6.2 on Linux<br></td>\n <td>6.2.0 through 6.2.7</td>\n <td>Upgrade to 6.2.8 or later.</td>\n </tr><tr><td>GlobalProtect App 6.1 on Linux</td><td></td><td>Upgrade to 6.2.8 or later.</td></tr><tr><td>GlobalProtect App 6.0 on Linux</td><td></td><td>Upgrade to 6.2.8 or later.</td></tr><tr><td><span>GlobalProtect App on Android, Chrome OS, iOS</span></td><td>&nbsp;</td><td>No action needed.</td></tr><tr><td>GlobalProtect UWP App<br></td><td></td><td>No action needed.</td></tr></tbody></table>", "base64": false}]}], "datePublic": "2025-07-09T16:00:00.000Z", "references": [{"url": "https://security.paloaltonetworks.com/CVE-2025-0141", "tags": ["vendor-advisory"]}], "workarounds": [{"lang": "en", "value": "No workaround or mitigation is available.", "supportingMedia": [{"type": "text/html", "value": "No workaround or mitigation is available.", "base64": false}]}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}, "descriptions": [{"lang": "en", "value": "An incorrect privilege assignment vulnerability in the Palo Alto Networks GlobalProtect\u2122 App on enables a locally authenticated non administrative user to escalate their privileges to root on macOS and Linux or NT AUTHORITY\\SYSTEM on Windows.\n\nThe GlobalProtect app on iOS, Android, Chrome OS and GlobalProtect UWP app are not affected.", "supportingMedia": [{"type": "text/html", "value": "An incorrect privilege assignment vulnerability in the Palo Alto Networks GlobalProtect\u2122 App on enables a locally authenticated non administrative user to escalate their privileges to root on macOS and Linux or NT AUTHORITY\\SYSTEM on Windows.<br><br>The GlobalProtect app on iOS, Android, Chrome OS and GlobalProtect UWP app are not affected.", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-426", "description": "CWE-426 Untrusted Search Path"}]}], "configurations": [{"lang": "en", "value": "No special configuration is required to be vulnerable to this issue.", "supportingMedia": [{"type": "text/html", "value": "No special configuration is required to be vulnerable to this issue.", "base64": false}]}], "x_affectedList": ["GlobalProtect App 6.1.7", "GlobalProtect App 6.1.6", "GlobalProtect App 6.1.5", "GlobalProtect App 6.1.4", "GlobalProtect App 6.1.3", "GlobalProtect App 6.1.2", "GlobalProtect App 6.1.1", "GlobalProtect App 6.1.0", "GlobalProtect App 6.1", "GlobalProtect App 6.0.11", "GlobalProtect App 6.0.10", "GlobalProtect App 6.0.8", "GlobalProtect App 6.0.7", "GlobalProtect App 6.0.6", "GlobalProtect App 6.0.5", "GlobalProtect App 6.0.4", "GlobalProtect App 6.0.3", "GlobalProtect App 6.0.2", "GlobalProtect App 6.0.1", "GlobalProtect App 6.0.0", "GlobalProtect App 6.0"], "providerMetadata": {"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0", "shortName": "palo_alto", "dateUpdated": "2025-07-10T00:17:38.636Z"}}}, "cveMetadata": {"cveId": "CVE-2025-0141", "state": "PUBLISHED", "dateUpdated": "2025-07-10T13:00:26.238Z", "dateReserved": "2024-12-20T23:24:48.571Z", "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0", "datePublished": "2025-07-09T22:58:54.755Z", "assignerShortName": "palo_alto"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "An incorrect privilege assignment vulnerability in the Palo Alto Networks GlobalProtect\u2122 App on enables a locally authenticated non administrative user to escalate their privileges to root on macOS and Linux or NT AUTHORITY\\SYSTEM on Windows.\n\nThe GlobalProtect app on iOS, Android, Chrome OS and GlobalProtect UWP app are not affected."}, {"lang": "es", "value": "Una vulnerabilidad de asignaci\u00f3n incorrecta de privilegios en la aplicaci\u00f3n GlobalProtect\u2122 de Palo Alto Networks permite que un usuario no administrativo autenticado localmente escale sus privilegios a root en macOS y Linux, o a NT AUTHORITY\\SYSTEM en Windows. La aplicaci\u00f3n GlobalProtect en iOS, Android, Chrome OS y la aplicaci\u00f3n GlobalProtect UWP no se ven afectadas."}], "id": "CVE-2025-0141", "lastModified": "2025-07-10T13:17:30.017", "metrics": {"cvssMetricV40": [{"cvssData": {"Automatable": "NO", "Recovery": "USER", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "LOCAL", "availabilityRequirement": "NOT_DEFINED", "baseScore": 8.4, "baseSeverity": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "LOW", "providerUrgency": "AMBER", "subAvailabilityImpact": "HIGH", "subConfidentialityImpact": "HIGH", "subIntegrityImpact": "HIGH", "userInteraction": "NONE", "valueDensity": "DIFFUSE", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:U/V:D/RE:M/U:Amber", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "MODERATE"}, "source": "psirt@paloaltonetworks.com", "type": "Secondary"}]}, "published": "2025-07-09T23:15:24.480", "references": [{"source": "psirt@paloaltonetworks.com", "url": "https://security.paloaltonetworks.com/CVE-2025-0141"}], "sourceIdentifier": "psirt@paloaltonetworks.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-426"}], "source": "psirt@paloaltonetworks.com", "type": "Secondary"}]}

{}