{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-0251", "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0", "state": "PUBLISHED", "assignerShortName": "palo_alto", "dateReserved": "2025-11-03T20:44:11.930Z", "datePublished": "2026-05-13T18:20:01.156Z", "dateUpdated": "2026-05-13T18:56:49.781Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0", "shortName": "palo_alto", "dateUpdated": "2026-05-13T18:20:01.156Z"}, "title": "GlobalProtect App: Local Privilege Escalation Vulnerabilities", "datePublic": "2026-05-13T16:00:00.000Z", "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-426", "description": "CWE-426 Untrusted Search Path", "type": "CWE"}]}], "impacts": [{"capecId": "CAPEC-233", "descriptions": [{"lang": "en", "value": "CAPEC-233 Privilege Escalation"}]}], "affected": [{"vendor": "Palo Alto Networks", "product": "GlobalProtect App", "platforms": ["Windows"], "versions": [{"status": "affected", "version": "6.3.0", "lessThan": "6.3.3-h9 (6.3.3-999)", "changes": [{"at": "6.3.3-h9 (6.3.3-999)", "status": "unaffected"}], "versionType": "custom"}, {"status": "affected", "version": "6.2.0", "lessThan": "6.2.8-h10 (6.2.8-948)", "changes": [{"at": "6.2.8-h10 (6.2.8-948)", "status": "unaffected"}], "versionType": "custom"}, {"status": "affected", "version": "6.0.0", "lessThan": "6.0.13", "changes": [{"at": "6.0.13", "status": "unaffected"}], "versionType": "custom"}], "defaultStatus": "unaffected", "cpes": ["cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.12:*:*:*:*:Windows:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.11:*:*:*:*:Windows:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.10:*:*:*:*:Windows:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.8:*:*:*:*:Windows:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.7:*:*:*:*:Windows:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.6:*:*:*:*:Windows:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.5:*:*:*:*:Windows:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.4:*:*:*:*:Windows:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.3:*:*:*:*:Windows:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.2:*:*:*:*:Windows:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.1:*:*:*:*:Windows:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.0:*:*:*:*:Windows:*:*"]}, {"vendor": "Palo Alto Networks", "product": "GlobalProtect App", "platforms": ["macOS"], "versions": [{"status": "affected", "version": "6.3.0", "lessThan": "6.3.3-h9 (6.3.3-999)", "changes": [{"at": "6.3.3-h9 (6.3.3-999)", "status": "unaffected"}], "versionType": "custom"}, {"status": "affected", "version": "6.2.0", "lessThan": "6.2.8-h10 (6.2.8-948)", "changes": [{"at": "6.2.8-h10 (6.2.8-948)", "status": "unaffected"}], "versionType": "custom"}, {"status": "affected", "version": "6.0.0", "lessThan": "6.0.13", "changes": [{"at": "6.0.13", "status": "unaffected"}], "versionType": "custom"}], "defaultStatus": "unaffected", "cpes": ["cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.12:*:*:*:*:macOS:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.11:*:*:*:*:macOS:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.10:*:*:*:*:macOS:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.8:*:*:*:*:macOS:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.7:*:*:*:*:macOS:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.6:*:*:*:*:macOS:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.5:*:*:*:*:macOS:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.4:*:*:*:*:macOS:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.3:*:*:*:*:macOS:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.2:*:*:*:*:macOS:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.1:*:*:*:*:macOS:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.0:*:*:*:*:macOS:*:*"]}, {"vendor": "Palo Alto Networks", "product": "GlobalProtect App", "platforms": ["Linux"], "versions": [{"status": "affected", "version": "6.3.0", "lessThan": "6.3.3-h2 (6.3.3-42)", "changes": [{"at": "6.3.3-h2 (6.3.3-42)", "status": "unaffected"}], "versionType": "custom"}, {"status": "affected", "version": "6.0.0", "lessThan": "6.0.11", "changes": [{"at": "6.0.11", "status": "unaffected"}], "versionType": "custom"}], "defaultStatus": "unaffected", "cpes": ["cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.12:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.11:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.10:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.8:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.7:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.6:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.5:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.4:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.3:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.2:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.1:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.0:*:*:*:*:Linux:*:*"]}, {"vendor": "Palo Alto Networks", "product": "Global Protect App", "platforms": ["Android", "ChromeOS", "iOS", "UWP"], "versions": [{"status": "unaffected", "version": "All", "versionType": "custom"}], "defaultStatus": "unaffected"}], "cpeApplicability": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:palo_alto_networks:globalprotect_app:*:*:*:*:*:Windows:*:*", "versionEndExcluding": "6.3.3-h9_(6.3.3-999)", "versionStartIncluding": "6.3.3", "vulnerable": true}, {"criteria": "cpe:2.3:a:palo_alto_networks:globalprotect_app:*:*:*:*:*:Windows:*:*", "versionEndExcluding": "6.2.8-h10_(6.2.8-948)", "versionStartIncluding": "6.2.8", "vulnerable": true}, {"criteria": "cpe:2.3:a:palo_alto_networks:globalprotect_app:*:*:*:*:*:Windows:*:*", "versionEndExcluding": "6.0.13", "versionStartIncluding": "6.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:a:palo_alto_networks:globalprotect_app:*:*:*:*:*:macOS:*:*", "versionEndExcluding": "6.3.3-h9_(6.3.3-999)", "versionStartIncluding": "6.3.3", "vulnerable": true}, {"criteria": "cpe:2.3:a:palo_alto_networks:globalprotect_app:*:*:*:*:*:macOS:*:*", "versionEndExcluding": "6.2.8-h10_(6.2.8-948)", "versionStartIncluding": "6.2.8", "vulnerable": true}, {"criteria": "cpe:2.3:a:palo_alto_networks:globalprotect_app:*:*:*:*:*:macOS:*:*", "versionEndExcluding": "6.0.13", "versionStartIncluding": "6.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:a:palo_alto_networks:globalprotect_app:*:*:*:*:*:Linux:*:*", "versionEndExcluding": "6.3.3-h2_(6.3.3-42)", "versionStartIncluding": "6.3.3", "vulnerable": true}, {"criteria": "cpe:2.3:a:palo_alto_networks:globalprotect_app:*:*:*:*:*:Linux:*:*", "versionEndExcluding": "6.0.11", "versionStartIncluding": "6.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "OR"}], "descriptions": [{"lang": "en", "value": "Multiple local privilege escalation vulnerabilities in the Palo Alto Networks GlobalProtect\u2122 app allow a local user to escalate their privileges to NT AUTHORITY\\SYSTEM on Windows and root on macOS and Linux. This enables a non-administrative user to execute arbitrary commands with administrative privileges.\n\nThe GlobalProtect app on iOS, Android, Chrome OS and GlobalProtect UWP app are not affected.", "supportingMedia": [{"type": "text/html", "base64": false, "value": "<p>Multiple local privilege escalation vulnerabilities in the Palo Alto Networks GlobalProtect\u2122 app allow a local user to escalate their privileges to NT AUTHORITY\\SYSTEM on Windows and root on macOS and Linux. This enables a non-administrative user to execute arbitrary commands with administrative privileges.<br><br>The GlobalProtect app on iOS, Android, Chrome OS and GlobalProtect UWP app are not affected.</p>"}]}], "references": [{"url": "https://security.paloaltonetworks.com/CVE-2026-0251", "tags": ["vendor-advisory"]}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV4_0": {"attackVector": "LOCAL", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "LOW", "userInteraction": "NONE", "vulnConfidentialityImpact": "HIGH", "subConfidentialityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "subIntegrityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "subAvailabilityImpact": "NONE", "exploitMaturity": "UNREPORTED", "Safety": "NOT_DEFINED", "Automatable": "NO", "Recovery": "USER", "valueDensity": "DIFFUSE", "vulnerabilityResponseEffort": "MODERATE", "providerUrgency": "AMBER", "version": "4.0", "baseSeverity": "MEDIUM", "baseScore": 5.9, "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/AU:N/R:U/V:D/RE:M/U:Amber"}}], "configurations": [{"lang": "eng", "value": "No special configuration is required to be affected by this issue.", "supportingMedia": [{"type": "text/html", "base64": false, "value": "<p>No special configuration is required to be affected by this issue.</p>"}]}], "workarounds": [{"lang": "eng", "value": "No known workarounds exist for this issue.", "supportingMedia": [{"type": "text/html", "base64": false, "value": "<p>No known workarounds exist for this issue.</p>"}]}], "solutions": [{"lang": "eng", "value": "VERSION MINOR VERSION SUGGESTED SOLUTION\nGlobalProtect App 6.0 on Windows 6.0.0 through 6.0.12 Upgrade to 6.0.13 or later.\nGlobalProtect App 6.2 on Windows 6.2.0 through 6.2.8-h9 Upgrade to 6.2.8-h10 (6.2.8-948) or later.\nGlobalProtect App 6.3 on Windows 6.3.0 through 6.3.3-h8 Upgrade to 6.3.3-h9 (6.3.3-999) or later.\nGlobalProtect App 6.0 on macOS 6.0.0 through 6.0.12 Upgrade to 6.0.13 or later.\nGlobalProtect App 6.2 on macOS 6.2.0 through 6.2.8-h9 Upgrade to 6.2.8-h10 (6.2.8-948) or later.\nGlobalProtect App 6.3 on macOS 6.3.0 through 6.3.3-h8 Upgrade to 6.3.3-h9 (6.3.3-999) or later.\nGlobalProtect App 6.0 on Linux 6.0.0 through 6.0.10 Upgrade to 6.0.11 or later\nGlobalProtect App 6.2 on Linux 6.2.0 through 6.2.9 Upgrade to 6.3.3-h2 (6.3.3-42) or later.\nGlobalProtect App 6.3 on Linux 6.3.0 through 6.3.3-h1 Upgrade to 6.3.3-h2 (6.3.3-42) or later.\nGlobalProtect App on Android No action needed.\nGlobalProtect App on Chrome OS No action needed.\nGlobalProtect App on iOS No action needed.\nGlobalProtect App on UWP No action needed.", "supportingMedia": [{"type": "text/html", "base64": false, "value": "<table class=\"tbl\"><thead><tr><th>Version</th><th>Minor Version</th><th>Suggested Solution</th></tr></thead><tbody><tr><td>GlobalProtect App 6.0 on Windows</td><td>6.0.0 through 6.0.12</td><td>Upgrade to 6.0.13 or later.</td></tr><tr><td>GlobalProtect App 6.2 on Windows</td><td>6.2.0 through 6.2.8-h9</td><td>Upgrade to 6.2.8-h10 (6.2.8-948) or later.</td></tr><tr><td>GlobalProtect App 6.3 on Windows</td><td>6.3.0 through 6.3.3-h8</td><td>Upgrade to 6.3.3-h9 (6.3.3-999) or later.</td></tr><tr><td>GlobalProtect App 6.0 on macOS</td><td>6.0.0 through 6.0.12</td><td>Upgrade to 6.0.13 or later.</td></tr><tr><td>GlobalProtect App 6.2 on macOS</td><td>6.2.0 through 6.2.8-h9</td><td>Upgrade to 6.2.8-h10 (6.2.8-948) or later.</td></tr><tr><td>GlobalProtect App 6.3 on macOS</td><td>6.3.0 through 6.3.3-h8</td><td>Upgrade to 6.3.3-h9 (6.3.3-999) or later.</td></tr><tr><td>GlobalProtect App 6.0 on Linux</td><td>6.0.0 through 6.0.10</td><td>Upgrade to 6.0.11 or later</td></tr><tr><td>GlobalProtect App 6.2 on Linux</td><td>6.2.0 through 6.2.9</td><td>Upgrade to 6.3.3-h2 (6.3.3-42) or later.</td></tr><tr><td>GlobalProtect App 6.3 on Linux</td><td>6.3.0 through 6.3.3-h1</td><td>Upgrade to 6.3.3-h2 (6.3.3-42) or later.</td></tr><tr><td>GlobalProtect App on Android</td><td><br></td><td>No action needed.</td></tr><tr><td>GlobalProtect App on Chrome OS</td><td><br></td><td>No action needed.</td></tr><tr><td>GlobalProtect App on iOS</td><td><br></td><td>No action needed.</td></tr><tr><td>GlobalProtect App on UWP</td><td><br></td><td>No action needed.</td></tr></tbody></table>"}]}], "exploits": [{"lang": "en", "value": "Palo Alto Networks is not aware of any malicious exploitation of these issues.", "supportingMedia": [{"type": "text/html", "base64": false, "value": "<p>Palo Alto Networks is not aware of any malicious exploitation of these issues.</p>"}]}], "timeline": [{"time": "2026-05-13T16:00:00.000Z", "lang": "en", "value": "Initial publication."}], "credits": [{"lang": "en", "value": "Palo Alto Networks thanks our internal security research teams for discovering and reporting this issue.", "type": "other"}], "source": {"discovery": "INTERNAL"}, "x_generator": {"engine": "Vulnogram 0.1.0-dev"}, "x_affectedList": ["GlobalProtect App 6.0.12", "GlobalProtect App 6.0.11", "GlobalProtect App 6.0.10", "GlobalProtect App 6.0.8", "GlobalProtect App 6.0.7", "GlobalProtect App 6.0.6", "GlobalProtect App 6.0.5", "GlobalProtect App 6.0.4", "GlobalProtect App 6.0.3", "GlobalProtect App 6.0.2", "GlobalProtect App 6.0.1", "GlobalProtect App 6.0.0", "GlobalProtect App 6.0"]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-05-13T18:55:51.583388Z", "id": "CVE-2026-0251", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-05-13T18:56:49.781Z"}}]}}

{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-0251", "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0", "state": "PUBLISHED", "assignerShortName": "palo_alto", "dateReserved": "2025-11-03T20:44:11.930Z", "datePublished": "2026-05-13T18:20:01.156Z", "dateUpdated": "2026-05-13T18:56:49.781Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0", "shortName": "palo_alto", "dateUpdated": "2026-05-13T18:20:01.156Z"}, "title": "GlobalProtect App: Local Privilege Escalation Vulnerabilities", "datePublic": "2026-05-13T16:00:00.000Z", "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-426", "description": "CWE-426 Untrusted Search Path", "type": "CWE"}]}], "impacts": [{"capecId": "CAPEC-233", "descriptions": [{"lang": "en", "value": "CAPEC-233 Privilege Escalation"}]}], "affected": [{"vendor": "Palo Alto Networks", "product": "GlobalProtect App", "platforms": ["Windows"], "versions": [{"status": "affected", "version": "6.3.0", "lessThan": "6.3.3-h9 (6.3.3-999)", "changes": [{"at": "6.3.3-h9 (6.3.3-999)", "status": "unaffected"}], "versionType": "custom"}, {"status": "affected", "version": "6.2.0", "lessThan": "6.2.8-h10 (6.2.8-948)", "changes": [{"at": "6.2.8-h10 (6.2.8-948)", "status": "unaffected"}], "versionType": "custom"}, {"status": "affected", "version": "6.0.0", "lessThan": "6.0.13", "changes": [{"at": "6.0.13", "status": "unaffected"}], "versionType": "custom"}], "defaultStatus": "unaffected", "cpes": ["cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.12:*:*:*:*:Windows:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.11:*:*:*:*:Windows:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.10:*:*:*:*:Windows:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.8:*:*:*:*:Windows:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.7:*:*:*:*:Windows:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.6:*:*:*:*:Windows:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.5:*:*:*:*:Windows:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.4:*:*:*:*:Windows:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.3:*:*:*:*:Windows:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.2:*:*:*:*:Windows:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.1:*:*:*:*:Windows:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.0:*:*:*:*:Windows:*:*"]}, {"vendor": "Palo Alto Networks", "product": "GlobalProtect App", "platforms": ["macOS"], "versions": [{"status": "affected", "version": "6.3.0", "lessThan": "6.3.3-h9 (6.3.3-999)", "changes": [{"at": "6.3.3-h9 (6.3.3-999)", "status": "unaffected"}], "versionType": "custom"}, {"status": "affected", "version": "6.2.0", "lessThan": "6.2.8-h10 (6.2.8-948)", "changes": [{"at": "6.2.8-h10 (6.2.8-948)", "status": "unaffected"}], "versionType": "custom"}, {"status": "affected", "version": "6.0.0", "lessThan": "6.0.13", "changes": [{"at": "6.0.13", "status": "unaffected"}], "versionType": "custom"}], "defaultStatus": "unaffected", "cpes": ["cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.12:*:*:*:*:macOS:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.11:*:*:*:*:macOS:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.10:*:*:*:*:macOS:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.8:*:*:*:*:macOS:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.7:*:*:*:*:macOS:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.6:*:*:*:*:macOS:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.5:*:*:*:*:macOS:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.4:*:*:*:*:macOS:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.3:*:*:*:*:macOS:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.2:*:*:*:*:macOS:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.1:*:*:*:*:macOS:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.0:*:*:*:*:macOS:*:*"]}, {"vendor": "Palo Alto Networks", "product": "GlobalProtect App", "platforms": ["Linux"], "versions": [{"status": "affected", "version": "6.3.0", "lessThan": "6.3.3-h2 (6.3.3-42)", "changes": [{"at": "6.3.3-h2 (6.3.3-42)", "status": "unaffected"}], "versionType": "custom"}, {"status": "affected", "version": "6.0.0", "lessThan": "6.0.11", "changes": [{"at": "6.0.11", "status": "unaffected"}], "versionType": "custom"}], "defaultStatus": "unaffected", "cpes": ["cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.12:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.11:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.10:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.8:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.7:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.6:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.5:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.4:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.3:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.2:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.1:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.0:*:*:*:*:Linux:*:*"]}, {"vendor": "Palo Alto Networks", "product": "Global Protect App", "platforms": ["Android", "ChromeOS", "iOS", "UWP"], "versions": [{"status": "unaffected", "version": "All", "versionType": "custom"}], "defaultStatus": "unaffected"}], "cpeApplicability": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:palo_alto_networks:globalprotect_app:*:*:*:*:*:Windows:*:*", "versionEndExcluding": "6.3.3-h9_(6.3.3-999)", "versionStartIncluding": "6.3.3", "vulnerable": true}, {"criteria": "cpe:2.3:a:palo_alto_networks:globalprotect_app:*:*:*:*:*:Windows:*:*", "versionEndExcluding": "6.2.8-h10_(6.2.8-948)", "versionStartIncluding": "6.2.8", "vulnerable": true}, {"criteria": "cpe:2.3:a:palo_alto_networks:globalprotect_app:*:*:*:*:*:Windows:*:*", "versionEndExcluding": "6.0.13", "versionStartIncluding": "6.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:a:palo_alto_networks:globalprotect_app:*:*:*:*:*:macOS:*:*", "versionEndExcluding": "6.3.3-h9_(6.3.3-999)", "versionStartIncluding": "6.3.3", "vulnerable": true}, {"criteria": "cpe:2.3:a:palo_alto_networks:globalprotect_app:*:*:*:*:*:macOS:*:*", "versionEndExcluding": "6.2.8-h10_(6.2.8-948)", "versionStartIncluding": "6.2.8", "vulnerable": true}, {"criteria": "cpe:2.3:a:palo_alto_networks:globalprotect_app:*:*:*:*:*:macOS:*:*", "versionEndExcluding": "6.0.13", "versionStartIncluding": "6.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:a:palo_alto_networks:globalprotect_app:*:*:*:*:*:Linux:*:*", "versionEndExcluding": "6.3.3-h2_(6.3.3-42)", "versionStartIncluding": "6.3.3", "vulnerable": true}, {"criteria": "cpe:2.3:a:palo_alto_networks:globalprotect_app:*:*:*:*:*:Linux:*:*", "versionEndExcluding": "6.0.11", "versionStartIncluding": "6.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "OR"}], "descriptions": [{"lang": "en", "value": "Multiple local privilege escalation vulnerabilities in the Palo Alto Networks GlobalProtect\u2122 app allow a local user to escalate their privileges to NT AUTHORITY\\SYSTEM on Windows and root on macOS and Linux. This enables a non-administrative user to execute arbitrary commands with administrative privileges.\n\nThe GlobalProtect app on iOS, Android, Chrome OS and GlobalProtect UWP app are not affected.", "supportingMedia": [{"type": "text/html", "base64": false, "value": "<p>Multiple local privilege escalation vulnerabilities in the Palo Alto Networks GlobalProtect\u2122 app allow a local user to escalate their privileges to NT AUTHORITY\\SYSTEM on Windows and root on macOS and Linux. This enables a non-administrative user to execute arbitrary commands with administrative privileges.<br><br>The GlobalProtect app on iOS, Android, Chrome OS and GlobalProtect UWP app are not affected.</p>"}]}], "references": [{"url": "https://security.paloaltonetworks.com/CVE-2026-0251", "tags": ["vendor-advisory"]}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV4_0": {"attackVector": "LOCAL", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "LOW", "userInteraction": "NONE", "vulnConfidentialityImpact": "HIGH", "subConfidentialityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "subIntegrityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "subAvailabilityImpact": "NONE", "exploitMaturity": "UNREPORTED", "Safety": "NOT_DEFINED", "Automatable": "NO", "Recovery": "USER", "valueDensity": "DIFFUSE", "vulnerabilityResponseEffort": "MODERATE", "providerUrgency": "AMBER", "version": "4.0", "baseSeverity": "MEDIUM", "baseScore": 5.9, "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/AU:N/R:U/V:D/RE:M/U:Amber"}}], "configurations": [{"lang": "eng", "value": "No special configuration is required to be affected by this issue.", "supportingMedia": [{"type": "text/html", "base64": false, "value": "<p>No special configuration is required to be affected by this issue.</p>"}]}], "workarounds": [{"lang": "eng", "value": "No known workarounds exist for this issue.", "supportingMedia": [{"type": "text/html", "base64": false, "value": "<p>No known workarounds exist for this issue.</p>"}]}], "solutions": [{"lang": "eng", "value": "VERSION MINOR VERSION SUGGESTED SOLUTION\nGlobalProtect App 6.0 on Windows 6.0.0 through 6.0.12 Upgrade to 6.0.13 or later.\nGlobalProtect App 6.2 on Windows 6.2.0 through 6.2.8-h9 Upgrade to 6.2.8-h10 (6.2.8-948) or later.\nGlobalProtect App 6.3 on Windows 6.3.0 through 6.3.3-h8 Upgrade to 6.3.3-h9 (6.3.3-999) or later.\nGlobalProtect App 6.0 on macOS 6.0.0 through 6.0.12 Upgrade to 6.0.13 or later.\nGlobalProtect App 6.2 on macOS 6.2.0 through 6.2.8-h9 Upgrade to 6.2.8-h10 (6.2.8-948) or later.\nGlobalProtect App 6.3 on macOS 6.3.0 through 6.3.3-h8 Upgrade to 6.3.3-h9 (6.3.3-999) or later.\nGlobalProtect App 6.0 on Linux 6.0.0 through 6.0.10 Upgrade to 6.0.11 or later\nGlobalProtect App 6.2 on Linux 6.2.0 through 6.2.9 Upgrade to 6.3.3-h2 (6.3.3-42) or later.\nGlobalProtect App 6.3 on Linux 6.3.0 through 6.3.3-h1 Upgrade to 6.3.3-h2 (6.3.3-42) or later.\nGlobalProtect App on Android No action needed.\nGlobalProtect App on Chrome OS No action needed.\nGlobalProtect App on iOS No action needed.\nGlobalProtect App on UWP No action needed.", "supportingMedia": [{"type": "text/html", "base64": false, "value": "<table class=\"tbl\"><thead><tr><th>Version</th><th>Minor Version</th><th>Suggested Solution</th></tr></thead><tbody><tr><td>GlobalProtect App 6.0 on Windows</td><td>6.0.0 through 6.0.12</td><td>Upgrade to 6.0.13 or later.</td></tr><tr><td>GlobalProtect App 6.2 on Windows</td><td>6.2.0 through 6.2.8-h9</td><td>Upgrade to 6.2.8-h10 (6.2.8-948) or later.</td></tr><tr><td>GlobalProtect App 6.3 on Windows</td><td>6.3.0 through 6.3.3-h8</td><td>Upgrade to 6.3.3-h9 (6.3.3-999) or later.</td></tr><tr><td>GlobalProtect App 6.0 on macOS</td><td>6.0.0 through 6.0.12</td><td>Upgrade to 6.0.13 or later.</td></tr><tr><td>GlobalProtect App 6.2 on macOS</td><td>6.2.0 through 6.2.8-h9</td><td>Upgrade to 6.2.8-h10 (6.2.8-948) or later.</td></tr><tr><td>GlobalProtect App 6.3 on macOS</td><td>6.3.0 through 6.3.3-h8</td><td>Upgrade to 6.3.3-h9 (6.3.3-999) or later.</td></tr><tr><td>GlobalProtect App 6.0 on Linux</td><td>6.0.0 through 6.0.10</td><td>Upgrade to 6.0.11 or later</td></tr><tr><td>GlobalProtect App 6.2 on Linux</td><td>6.2.0 through 6.2.9</td><td>Upgrade to 6.3.3-h2 (6.3.3-42) or later.</td></tr><tr><td>GlobalProtect App 6.3 on Linux</td><td>6.3.0 through 6.3.3-h1</td><td>Upgrade to 6.3.3-h2 (6.3.3-42) or later.</td></tr><tr><td>GlobalProtect App on Android</td><td><br></td><td>No action needed.</td></tr><tr><td>GlobalProtect App on Chrome OS</td><td><br></td><td>No action needed.</td></tr><tr><td>GlobalProtect App on iOS</td><td><br></td><td>No action needed.</td></tr><tr><td>GlobalProtect App on UWP</td><td><br></td><td>No action needed.</td></tr></tbody></table>"}]}], "exploits": [{"lang": "en", "value": "Palo Alto Networks is not aware of any malicious exploitation of these issues.", "supportingMedia": [{"type": "text/html", "base64": false, "value": "<p>Palo Alto Networks is not aware of any malicious exploitation of these issues.</p>"}]}], "timeline": [{"time": "2026-05-13T16:00:00.000Z", "lang": "en", "value": "Initial publication."}], "credits": [{"lang": "en", "value": "Palo Alto Networks thanks our internal security research teams for discovering and reporting this issue.", "type": "other"}], "source": {"discovery": "INTERNAL"}, "x_generator": {"engine": "Vulnogram 0.1.0-dev"}, "x_affectedList": ["GlobalProtect App 6.0.12", "GlobalProtect App 6.0.11", "GlobalProtect App 6.0.10", "GlobalProtect App 6.0.8", "GlobalProtect App 6.0.7", "GlobalProtect App 6.0.6", "GlobalProtect App 6.0.5", "GlobalProtect App 6.0.4", "GlobalProtect App 6.0.3", "GlobalProtect App 6.0.2", "GlobalProtect App 6.0.1", "GlobalProtect App 6.0.0", "GlobalProtect App 6.0"]}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-0251", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-05-13T18:55:51.583388Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-05-13T18:55:58.045Z"}}]}}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Multiple local privilege escalation vulnerabilities in the Palo Alto Networks GlobalProtect\u2122 app allow a local user to escalate their privileges to NT AUTHORITY\\SYSTEM on Windows and root on macOS and Linux. This enables a non-administrative user to execute arbitrary commands with administrative privileges.\n\nThe GlobalProtect app on iOS, Android, Chrome OS and GlobalProtect UWP app are not affected."}], "id": "CVE-2026-0251", "lastModified": "2026-05-13T19:16:59.470", "metrics": {"cvssMetricV40": [{"cvssData": {"Automatable": "NO", "Recovery": "USER", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "LOCAL", "availabilityRequirement": "NOT_DEFINED", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "UNREPORTED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "LOW", "providerUrgency": "AMBER", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "DIFFUSE", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:U/V:D/RE:M/U:Amber", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "MODERATE"}, "source": "psirt@paloaltonetworks.com", "type": "Secondary"}]}, "published": "2026-05-13T19:16:59.470", "references": [{"source": "psirt@paloaltonetworks.com", "url": "https://security.paloaltonetworks.com/CVE-2026-0251"}], "sourceIdentifier": "psirt@paloaltonetworks.com", "vulnStatus": "Received", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-426"}], "source": "psirt@paloaltonetworks.com", "type": "Secondary"}]}

{}