cvelistv5 - cve-2025-4232

CVE-2025-4232 (GCVE-0-2025-4232)

Vulnerability from cvelistv5 – Published: 2025-06-12 23:22 – Updated: 2025-06-14 03:56

Summary

An improper neutralization of wildcards vulnerability in the log collection feature of Palo Alto Networks GlobalProtect™ app on macOS allows a non administrative user to escalate their privileges to root.

Severity ?

8.5 (High)


                        
                          CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/AU:N/R:U/V:D/RE:M/U:Amber

CWE

CWE-155 - Improper Neutralization of Wildcards or Matching Symbols

Assigner

palo_alto

References

URL

Tags

https://security.paloaltonetworks.com/CVE-2025-4232

vendor-advisory

Impacted products

Vendor

Product

Version

Palo Alto Networks

GlobalProtect App

Affected: 6.3 , < 6.3.3 (custom)
Affected: 6.2.0 , < 6.2.8-h2 (custom)
Affected: 6.1.0 (custom)
Affected: 6.0.0 (custom)
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.2:*:*:*:*:macOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.1:*:*:*:*:macOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.0:*:*:*:*:macOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.7:*:*:*:*:macOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.6:*:*:*:*:macOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.4:*:*:*:*:macOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.3:*:*:*:*:macOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.2:*:*:*:*:macOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.1:*:*:*:*:macOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.0:*:*:*:*:macOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.7:*:*:*:*:macOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.6:*:*:*:*:macOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.5:*:*:*:*:macOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.4:*:*:*:*:macOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.3:*:*:*:*:macOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.2:*:*:*:*:macOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.1:*:*:*:*:macOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.0:*:*:*:*:macOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.11:*:*:*:*:macOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.10:*:*:*:*:macOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.8:*:*:*:*:macOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.7:*:*:*:*:macOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.6:*:*:*:*:macOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.5:*:*:*:*:macOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.4:*:*:*:*:macOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.3:*:*:*:*:macOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.2:*:*:*:*:macOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.1:*:*:*:*:macOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.0:*:*:*:*:macOS:*:*

Palo Alto Networks

GlobalProtect App

Unaffected: All (custom)
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.2:*:*:*:*:Windows:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.2:*:*:*:*:Linux:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.2:*:*:*:*:Android:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.2:*:*:*:*:iOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.2:*:*:*:*:ChromeOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.1:*:*:*:*:Windows:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.1:*:*:*:*:Linux:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.1:*:*:*:*:Android:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.1:*:*:*:*:iOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.1:*:*:*:*:ChromeOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.0:*:*:*:*:Windows:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.0:*:*:*:*:Linux:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.0:*:*:*:*:Android:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.0:*:*:*:*:iOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.0:*:*:*:*:ChromeOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.7:*:*:*:*:Windows:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.7:*:*:*:*:Linux:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.7:*:*:*:*:Android:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.7:*:*:*:*:iOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.7:*:*:*:*:ChromeOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.6:*:*:*:*:Windows:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.6:*:*:*:*:Linux:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.6:*:*:*:*:Android:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.6:*:*:*:*:iOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.6:*:*:*:*:ChromeOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.4:*:*:*:*:Windows:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.4:*:*:*:*:Linux:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.4:*:*:*:*:Android:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.4:*:*:*:*:iOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.4:*:*:*:*:ChromeOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.3:*:*:*:*:Windows:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.3:*:*:*:*:Linux:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.3:*:*:*:*:Android:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.3:*:*:*:*:iOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.3:*:*:*:*:ChromeOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.2:*:*:*:*:Windows:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.2:*:*:*:*:Linux:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.2:*:*:*:*:Android:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.2:*:*:*:*:iOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.2:*:*:*:*:ChromeOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.1:*:*:*:*:Windows:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.1:*:*:*:*:Linux:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.1:*:*:*:*:Android:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.1:*:*:*:*:iOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.1:*:*:*:*:ChromeOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.0:*:*:*:*:Windows:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.0:*:*:*:*:Linux:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.0:*:*:*:*:Android:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.0:*:*:*:*:iOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.0:*:*:*:*:ChromeOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.7:*:*:*:*:Windows:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.7:*:*:*:*:Linux:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.7:*:*:*:*:Android:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.7:*:*:*:*:iOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.7:*:*:*:*:ChromeOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.6:*:*:*:*:Windows:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.6:*:*:*:*:Linux:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.6:*:*:*:*:Android:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.6:*:*:*:*:iOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.6:*:*:*:*:ChromeOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.5:*:*:*:*:Windows:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.5:*:*:*:*:Linux:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.5:*:*:*:*:Android:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.5:*:*:*:*:iOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.5:*:*:*:*:ChromeOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.4:*:*:*:*:Windows:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.4:*:*:*:*:Linux:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.4:*:*:*:*:Android:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.4:*:*:*:*:iOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.4:*:*:*:*:ChromeOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.3:*:*:*:*:Windows:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.3:*:*:*:*:Linux:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.3:*:*:*:*:Android:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.3:*:*:*:*:iOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.3:*:*:*:*:ChromeOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.2:*:*:*:*:Windows:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.2:*:*:*:*:Linux:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.2:*:*:*:*:Android:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.2:*:*:*:*:iOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.2:*:*:*:*:ChromeOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.1:*:*:*:*:Windows:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.1:*:*:*:*:Linux:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.1:*:*:*:*:Android:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.1:*:*:*:*:iOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.1:*:*:*:*:ChromeOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.0:*:*:*:*:Windows:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.0:*:*:*:*:Linux:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.0:*:*:*:*:Android:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.0:*:*:*:*:iOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.0:*:*:*:*:ChromeOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.11:*:*:*:*:Windows:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.11:*:*:*:*:Linux:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.11:*:*:*:*:Android:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.11:*:*:*:*:iOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.11:*:*:*:*:ChromeOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.10:*:*:*:*:Windows:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.10:*:*:*:*:Linux:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.10:*:*:*:*:Android:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.10:*:*:*:*:iOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.10:*:*:*:*:ChromeOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.8:*:*:*:*:Windows:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.8:*:*:*:*:Linux:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.8:*:*:*:*:Android:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.8:*:*:*:*:iOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.8:*:*:*:*:ChromeOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.7:*:*:*:*:Windows:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.7:*:*:*:*:Linux:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.7:*:*:*:*:Android:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.7:*:*:*:*:iOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.7:*:*:*:*:ChromeOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.6:*:*:*:*:Windows:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.6:*:*:*:*:Linux:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.6:*:*:*:*:Android:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.6:*:*:*:*:iOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.6:*:*:*:*:ChromeOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.5:*:*:*:*:Windows:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.5:*:*:*:*:Linux:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.5:*:*:*:*:Android:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.5:*:*:*:*:iOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.5:*:*:*:*:ChromeOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.4:*:*:*:*:Windows:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.4:*:*:*:*:Linux:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.4:*:*:*:*:Android:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.4:*:*:*:*:iOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.4:*:*:*:*:ChromeOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.3:*:*:*:*:Windows:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.3:*:*:*:*:Linux:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.3:*:*:*:*:Android:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.3:*:*:*:*:iOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.3:*:*:*:*:ChromeOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.2:*:*:*:*:Windows:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.2:*:*:*:*:Linux:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.2:*:*:*:*:Android:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.2:*:*:*:*:iOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.2:*:*:*:*:ChromeOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.1:*:*:*:*:Windows:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.1:*:*:*:*:Linux:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.1:*:*:*:*:Android:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.1:*:*:*:*:iOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.1:*:*:*:*:ChromeOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.0:*:*:*:*:Windows:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.0:*:*:*:*:Linux:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.0:*:*:*:*:Android:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.0:*:*:*:*:iOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.0:*:*:*:*:ChromeOS:*:*

Credits

Rutger Flohil

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-4232",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-06-13T00:00:00+00:00",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-06-14T03:56:19.065Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.2:*:*:*:*:macOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.1:*:*:*:*:macOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.0:*:*:*:*:macOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.7:*:*:*:*:macOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.6:*:*:*:*:macOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.4:*:*:*:*:macOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.3:*:*:*:*:macOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.2:*:*:*:*:macOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.1:*:*:*:*:macOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.0:*:*:*:*:macOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.7:*:*:*:*:macOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.6:*:*:*:*:macOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.5:*:*:*:*:macOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.4:*:*:*:*:macOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.3:*:*:*:*:macOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.2:*:*:*:*:macOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.1:*:*:*:*:macOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.0:*:*:*:*:macOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.11:*:*:*:*:macOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.10:*:*:*:*:macOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.8:*:*:*:*:macOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.7:*:*:*:*:macOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.6:*:*:*:*:macOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.5:*:*:*:*:macOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.4:*:*:*:*:macOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.3:*:*:*:*:macOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.2:*:*:*:*:macOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.1:*:*:*:*:macOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.0:*:*:*:*:macOS:*:*"
          ],
          "defaultStatus": "unaffected",
          "platforms": [
            "macOS"
          ],
          "product": "GlobalProtect App",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "changes": [
                {
                  "at": "6.3.3",
                  "status": "unaffected"
                }
              ],
              "lessThan": "6.3.3",
              "status": "affected",
              "version": "6.3",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "6.2.8-h2",
                  "status": "unaffected"
                }
              ],
              "lessThan": "6.2.8-h2",
              "status": "affected",
              "version": "6.2.0",
              "versionType": "custom"
            },
            {
              "status": "affected",
              "version": "6.1.0",
              "versionType": "custom"
            },
            {
              "status": "affected",
              "version": "6.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.2:*:*:*:*:Windows:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.2:*:*:*:*:Linux:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.2:*:*:*:*:Android:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.2:*:*:*:*:iOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.2:*:*:*:*:ChromeOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.1:*:*:*:*:Windows:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.1:*:*:*:*:Linux:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.1:*:*:*:*:Android:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.1:*:*:*:*:iOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.1:*:*:*:*:ChromeOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.0:*:*:*:*:Windows:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.0:*:*:*:*:Linux:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.0:*:*:*:*:Android:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.0:*:*:*:*:iOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.0:*:*:*:*:ChromeOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.7:*:*:*:*:Windows:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.7:*:*:*:*:Linux:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.7:*:*:*:*:Android:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.7:*:*:*:*:iOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.7:*:*:*:*:ChromeOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.6:*:*:*:*:Windows:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.6:*:*:*:*:Linux:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.6:*:*:*:*:Android:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.6:*:*:*:*:iOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.6:*:*:*:*:ChromeOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.4:*:*:*:*:Windows:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.4:*:*:*:*:Linux:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.4:*:*:*:*:Android:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.4:*:*:*:*:iOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.4:*:*:*:*:ChromeOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.3:*:*:*:*:Windows:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.3:*:*:*:*:Linux:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.3:*:*:*:*:Android:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.3:*:*:*:*:iOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.3:*:*:*:*:ChromeOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.2:*:*:*:*:Windows:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.2:*:*:*:*:Linux:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.2:*:*:*:*:Android:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.2:*:*:*:*:iOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.2:*:*:*:*:ChromeOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.1:*:*:*:*:Windows:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.1:*:*:*:*:Linux:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.1:*:*:*:*:Android:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.1:*:*:*:*:iOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.1:*:*:*:*:ChromeOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.0:*:*:*:*:Windows:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.0:*:*:*:*:Linux:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.0:*:*:*:*:Android:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.0:*:*:*:*:iOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.0:*:*:*:*:ChromeOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.7:*:*:*:*:Windows:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.7:*:*:*:*:Linux:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.7:*:*:*:*:Android:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.7:*:*:*:*:iOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.7:*:*:*:*:ChromeOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.6:*:*:*:*:Windows:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.6:*:*:*:*:Linux:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.6:*:*:*:*:Android:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.6:*:*:*:*:iOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.6:*:*:*:*:ChromeOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.5:*:*:*:*:Windows:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.5:*:*:*:*:Linux:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.5:*:*:*:*:Android:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.5:*:*:*:*:iOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.5:*:*:*:*:ChromeOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.4:*:*:*:*:Windows:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.4:*:*:*:*:Linux:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.4:*:*:*:*:Android:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.4:*:*:*:*:iOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.4:*:*:*:*:ChromeOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.3:*:*:*:*:Windows:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.3:*:*:*:*:Linux:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.3:*:*:*:*:Android:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.3:*:*:*:*:iOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.3:*:*:*:*:ChromeOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.2:*:*:*:*:Windows:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.2:*:*:*:*:Linux:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.2:*:*:*:*:Android:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.2:*:*:*:*:iOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.2:*:*:*:*:ChromeOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.1:*:*:*:*:Windows:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.1:*:*:*:*:Linux:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.1:*:*:*:*:Android:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.1:*:*:*:*:iOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.1:*:*:*:*:ChromeOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.0:*:*:*:*:Windows:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.0:*:*:*:*:Linux:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.0:*:*:*:*:Android:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.0:*:*:*:*:iOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.0:*:*:*:*:ChromeOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.11:*:*:*:*:Windows:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.11:*:*:*:*:Linux:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.11:*:*:*:*:Android:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.11:*:*:*:*:iOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.11:*:*:*:*:ChromeOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.10:*:*:*:*:Windows:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.10:*:*:*:*:Linux:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.10:*:*:*:*:Android:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.10:*:*:*:*:iOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.10:*:*:*:*:ChromeOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.8:*:*:*:*:Windows:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.8:*:*:*:*:Linux:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.8:*:*:*:*:Android:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.8:*:*:*:*:iOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.8:*:*:*:*:ChromeOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.7:*:*:*:*:Windows:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.7:*:*:*:*:Linux:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.7:*:*:*:*:Android:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.7:*:*:*:*:iOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.7:*:*:*:*:ChromeOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.6:*:*:*:*:Windows:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.6:*:*:*:*:Linux:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.6:*:*:*:*:Android:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.6:*:*:*:*:iOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.6:*:*:*:*:ChromeOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.5:*:*:*:*:Windows:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.5:*:*:*:*:Linux:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.5:*:*:*:*:Android:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.5:*:*:*:*:iOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.5:*:*:*:*:ChromeOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.4:*:*:*:*:Windows:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.4:*:*:*:*:Linux:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.4:*:*:*:*:Android:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.4:*:*:*:*:iOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.4:*:*:*:*:ChromeOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.3:*:*:*:*:Windows:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.3:*:*:*:*:Linux:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.3:*:*:*:*:Android:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.3:*:*:*:*:iOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.3:*:*:*:*:ChromeOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.2:*:*:*:*:Windows:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.2:*:*:*:*:Linux:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.2:*:*:*:*:Android:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.2:*:*:*:*:iOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.2:*:*:*:*:ChromeOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.1:*:*:*:*:Windows:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.1:*:*:*:*:Linux:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.1:*:*:*:*:Android:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.1:*:*:*:*:iOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.1:*:*:*:*:ChromeOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.0:*:*:*:*:Windows:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.0:*:*:*:*:Linux:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.0:*:*:*:*:Android:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.0:*:*:*:*:iOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.0:*:*:*:*:ChromeOS:*:*"
          ],
          "defaultStatus": "unaffected",
          "platforms": [
            "Windows",
            "Linux",
            "Android",
            "iOS",
            "Chrome OS"
          ],
          "product": "GlobalProtect App",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "All",
              "versionType": "custom"
            }
          ]
        }
      ],
      "configurations": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cspan\u003eNo special configuration is required to be affected by this issue.\u003c/span\u003e"
            }
          ],
          "value": "No special configuration is required to be affected by this issue."
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Rutger Flohil"
        }
      ],
      "datePublic": "2025-06-11T16:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eAn improper neutralization of wildcards vulnerability in the log collection feature of Palo Alto Networks GlobalProtect\u2122 app on macOS allows a non administrative user to escalate their privileges to root.\u003c/p\u003e"
            }
          ],
          "value": "An improper neutralization of wildcards vulnerability in the log collection feature of Palo Alto Networks GlobalProtect\u2122 app on macOS allows a non administrative user to escalate their privileges to root."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
            }
          ],
          "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-248",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-248 Command Injection"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NO",
            "Recovery": "USER",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "LOCAL",
            "baseScore": 8.5,
            "baseSeverity": "HIGH",
            "privilegesRequired": "LOW",
            "providerUrgency": "AMBER",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "DIFFUSE",
            "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/AU:N/R:U/V:D/RE:M/U:Amber",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "HIGH",
            "vulnerabilityResponseEffort": "MODERATE"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-155",
              "description": "CWE-155: Improper Neutralization of Wildcards or Matching Symbols",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-06-12T23:22:34.993Z",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://security.paloaltonetworks.com/CVE-2025-4232"
        }
      ],
      "solutions": [
        {
          "lang": "eng",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003ctable class=\"tbl\"\u003e\u003cthead\u003e\u003ctr\u003e\u003cth\u003eVersion\u003cbr\u003e\u003c/th\u003e\u003cth\u003eMinor Version\u003cbr\u003e\u003c/th\u003e\u003cth\u003eSuggested Solution\u003cbr\u003e\u003c/th\u003e\u003c/tr\u003e\u003c/thead\u003e\u003ctbody\u003e\u003ctr\u003e\n                                    \u003ctd\u003eGlobalProtect App 6.3 on macOS\u003cbr\u003e\u003c/td\u003e\n                                    \u003ctd\u003e6.3.0 through 6.3.2\u003c/td\u003e\n                                    \u003ctd\u003eUpgrade to 6.3.3 or later.\u003c/td\u003e\n                                \u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eGlobalProtect App 6.2 on macOS\u003c/td\u003e\u003ctd\u003e6.2.0 through 6.2.8-h2\u003c/td\u003e\u003ctd\u003eUpgrade to 6.2.8-h2 [ETA June 2025] or\u0026nbsp;6.3.3 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eGlobalProtect App 6.1 on macOS\u003c/td\u003e\u003ctd\u003e\u003c/td\u003e\u003ctd\u003eUpgrade to 6.2.8-h2 [ETA June 2025] or 6.3.3 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eGlobalProtect App 6.0 on macOS\u003c/td\u003e\u003ctd\u003e\u003c/td\u003e\u003ctd\u003eUpgrade to 6.2.8-h2 [ETA June 2025] or 6.3.3 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eGlobalProtect App on Windows\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e\u003c/td\u003e\u003ctd\u003eNo action needed.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eGlobalProtect App on Linux\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e\u003c/td\u003e\u003ctd\u003eNo action needed.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eGlobalProtect App on Android\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e\u003c/td\u003e\u003ctd\u003eNo action needed.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eGlobalProtect App on iOS\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e\u003c/td\u003e\u003ctd\u003eNo action needed.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eGlobalProtect App on Chrome OS\u003c/td\u003e\u003ctd\u003e\u0026nbsp;\u003c/td\u003e\u003ctd\u003eNo action needed.\u0026nbsp;\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e"
            }
          ],
          "value": "Version\nMinor Version\nSuggested Solution\n\n                                    GlobalProtect App 6.3 on macOS\n\n                                    6.3.0 through 6.3.2\n                                    Upgrade to 6.3.3 or later.\n                                GlobalProtect App 6.2 on macOS6.2.0 through 6.2.8-h2Upgrade to 6.2.8-h2 [ETA June 2025] or\u00a06.3.3 or later.GlobalProtect App 6.1 on macOSUpgrade to 6.2.8-h2 [ETA June 2025] or 6.3.3 or later.GlobalProtect App 6.0 on macOSUpgrade to 6.2.8-h2 [ETA June 2025] or 6.3.3 or later.GlobalProtect App on Windows\nNo action needed.GlobalProtect App on Linux\nNo action needed.GlobalProtect App on Android\nNo action needed.GlobalProtect App on iOS\nNo action needed.GlobalProtect App on Chrome OS\u00a0No action needed."
        }
      ],
      "source": {
        "defect": [
          "GPC-21969"
        ],
        "discovery": "EXTERNAL"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2025-06-11T16:00:00.000Z",
          "value": "Initial Publication"
        }
      ],
      "title": "GlobalProtect: Authenticated Code Injection Through Wildcard on macOS",
      "workarounds": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cspan\u003eNo workaround or mitigation is available.\u003c/span\u003e"
            }
          ],
          "value": "No workaround or mitigation is available."
        }
      ],
      "x_affectedList": [
        "GlobalProtect App 6.3.2",
        "GlobalProtect App 6.3.1",
        "GlobalProtect App 6.3.0",
        "GlobalProtect App 6.3",
        "GlobalProtect App 6.2.7",
        "GlobalProtect App 6.2.6",
        "GlobalProtect App 6.2.4",
        "GlobalProtect App 6.2.3",
        "GlobalProtect App 6.2.2",
        "GlobalProtect App 6.2.1",
        "GlobalProtect App 6.2.0",
        "GlobalProtect App 6.2",
        "GlobalProtect App 6.1.7",
        "GlobalProtect App 6.1.6",
        "GlobalProtect App 6.1.5",
        "GlobalProtect App 6.1.4",
        "GlobalProtect App 6.1.3",
        "GlobalProtect App 6.1.2",
        "GlobalProtect App 6.1.1",
        "GlobalProtect App 6.1.0",
        "GlobalProtect App 6.1",
        "GlobalProtect App 6.0.11",
        "GlobalProtect App 6.0.10",
        "GlobalProtect App 6.0.8",
        "GlobalProtect App 6.0.7",
        "GlobalProtect App 6.0.6",
        "GlobalProtect App 6.0.5",
        "GlobalProtect App 6.0.4",
        "GlobalProtect App 6.0.3",
        "GlobalProtect App 6.0.2",
        "GlobalProtect App 6.0.1",
        "GlobalProtect App 6.0.0",
        "GlobalProtect App 6.0"
      ],
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2025-4232",
    "datePublished": "2025-06-12T23:22:34.993Z",
    "dateReserved": "2025-05-02T19:10:45.457Z",
    "dateUpdated": "2025-06-14T03:56:19.065Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2025-4232\",\"sourceIdentifier\":\"psirt@paloaltonetworks.com\",\"published\":\"2025-06-13T00:15:23.697\",\"lastModified\":\"2025-06-27T16:47:32.383\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"An improper neutralization of wildcards vulnerability in the log collection feature of Palo Alto Networks GlobalProtect\u2122 app on macOS allows a non administrative user to escalate their privileges to root.\"},{\"lang\":\"es\",\"value\":\"Una vulnerabilidad de neutralizaci\u00f3n incorrecta de comodines en la funci\u00f3n de recopilaci\u00f3n de registros de la aplicaci\u00f3n Palo Alto Networks GlobalProtect\u2122 en macOS permite que un usuario no administrativo aumente sus privilegios a root.\"}],\"metrics\":{\"cvssMetricV40\":[{\"source\":\"psirt@paloaltonetworks.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"4.0\",\"vectorString\":\"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:U/V:D/RE:M/U:Amber\",\"baseScore\":8.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"attackRequirements\":\"NONE\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"vulnConfidentialityImpact\":\"HIGH\",\"vulnIntegrityImpact\":\"HIGH\",\"vulnAvailabilityImpact\":\"HIGH\",\"subConfidentialityImpact\":\"NONE\",\"subIntegrityImpact\":\"NONE\",\"subAvailabilityImpact\":\"NONE\",\"exploitMaturity\":\"NOT_DEFINED\",\"confidentialityRequirement\":\"NOT_DEFINED\",\"integrityRequirement\":\"NOT_DEFINED\",\"availabilityRequirement\":\"NOT_DEFINED\",\"modifiedAttackVector\":\"NOT_DEFINED\",\"modifiedAttackComplexity\":\"NOT_DEFINED\",\"modifiedAttackRequirements\":\"NOT_DEFINED\",\"modifiedPrivilegesRequired\":\"NOT_DEFINED\",\"modifiedUserInteraction\":\"NOT_DEFINED\",\"modifiedVulnConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedVulnIntegrityImpact\":\"NOT_DEFINED\",\"modifiedVulnAvailabilityImpact\":\"NOT_DEFINED\",\"modifiedSubConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedSubIntegrityImpact\":\"NOT_DEFINED\",\"modifiedSubAvailabilityImpact\":\"NOT_DEFINED\",\"Safety\":\"NOT_DEFINED\",\"Automatable\":\"NO\",\"Recovery\":\"USER\",\"valueDensity\":\"DIFFUSE\",\"vulnerabilityResponseEffort\":\"MODERATE\",\"providerUrgency\":\"AMBER\"}}],\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":8.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"psirt@paloaltonetworks.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-155\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:paloaltonetworks:globalprotect:*:*:*:*:*:macos:*:*\",\"versionStartIncluding\":\"6.0.0\",\"versionEndExcluding\":\"6.2.8\",\"matchCriteriaId\":\"B2DE8243-7786-4D7C-A0CB-A3D3E44C9B26\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:paloaltonetworks:globalprotect:*:*:*:*:*:macos:*:*\",\"versionStartIncluding\":\"6.3.0\",\"versionEndExcluding\":\"6.3.3\",\"matchCriteriaId\":\"EFAA1A23-5A3C-48FA-8672-D8329D67A14C\"}]}]}],\"references\":[{\"url\":\"https://security.paloaltonetworks.com/CVE-2025-4232\",\"source\":\"psirt@paloaltonetworks.com\",\"tags\":[\"Vendor Advisory\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-4232\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-06-13T14:04:50.401483Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-06-13T14:04:53.482Z\"}}], \"cna\": {\"title\": \"GlobalProtect: Authenticated Code Injection Through Wildcard on macOS\", \"source\": {\"defect\": [\"GPC-21969\"], \"discovery\": \"EXTERNAL\"}, \"credits\": [{\"lang\": \"en\", \"type\": \"finder\", \"value\": \"Rutger Flohil\"}], \"impacts\": [{\"capecId\": \"CAPEC-248\", \"descriptions\": [{\"lang\": \"en\", \"value\": \"CAPEC-248 Command Injection\"}]}], \"metrics\": [{\"format\": \"CVSS\", \"cvssV4_0\": {\"Safety\": \"NOT_DEFINED\", \"version\": \"4.0\", \"Recovery\": \"USER\", \"baseScore\": 8.5, \"Automatable\": \"NO\", \"attackVector\": \"LOCAL\", \"baseSeverity\": \"HIGH\", \"valueDensity\": \"DIFFUSE\", \"vectorString\": \"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/AU:N/R:U/V:D/RE:M/U:Amber\", \"providerUrgency\": \"AMBER\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"attackRequirements\": \"NONE\", \"privilegesRequired\": \"LOW\", \"subIntegrityImpact\": \"NONE\", \"vulnIntegrityImpact\": \"HIGH\", \"subAvailabilityImpact\": \"NONE\", \"vulnAvailabilityImpact\": \"HIGH\", \"subConfidentialityImpact\": \"NONE\", \"vulnConfidentialityImpact\": \"HIGH\", \"vulnerabilityResponseEffort\": \"MODERATE\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"cpes\": [\"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.2:*:*:*:*:macOS:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.1:*:*:*:*:macOS:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.0:*:*:*:*:macOS:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.7:*:*:*:*:macOS:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.6:*:*:*:*:macOS:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.4:*:*:*:*:macOS:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.3:*:*:*:*:macOS:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.2:*:*:*:*:macOS:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.1:*:*:*:*:macOS:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.0:*:*:*:*:macOS:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.7:*:*:*:*:macOS:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.6:*:*:*:*:macOS:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.5:*:*:*:*:macOS:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.4:*:*:*:*:macOS:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.3:*:*:*:*:macOS:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.2:*:*:*:*:macOS:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.1:*:*:*:*:macOS:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.0:*:*:*:*:macOS:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.11:*:*:*:*:macOS:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.10:*:*:*:*:macOS:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.8:*:*:*:*:macOS:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.7:*:*:*:*:macOS:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.6:*:*:*:*:macOS:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.5:*:*:*:*:macOS:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.4:*:*:*:*:macOS:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.3:*:*:*:*:macOS:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.2:*:*:*:*:macOS:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.1:*:*:*:*:macOS:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.0:*:*:*:*:macOS:*:*\"], \"vendor\": \"Palo Alto Networks\", \"product\": \"GlobalProtect App\", \"versions\": [{\"status\": \"affected\", \"changes\": [{\"at\": \"6.3.3\", \"status\": \"unaffected\"}], \"version\": \"6.3\", \"lessThan\": \"6.3.3\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"changes\": [{\"at\": \"6.2.8-h2\", \"status\": \"unaffected\"}], \"version\": \"6.2.0\", \"lessThan\": \"6.2.8-h2\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"6.1.0\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"6.0.0\", \"versionType\": \"custom\"}], \"platforms\": [\"macOS\"], \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.2:*:*:*:*:Windows:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.2:*:*:*:*:Linux:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.2:*:*:*:*:Android:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.2:*:*:*:*:iOS:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.2:*:*:*:*:ChromeOS:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.1:*:*:*:*:Windows:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.1:*:*:*:*:Linux:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.1:*:*:*:*:Android:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.1:*:*:*:*:iOS:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.1:*:*:*:*:ChromeOS:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.0:*:*:*:*:Windows:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.0:*:*:*:*:Linux:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.0:*:*:*:*:Android:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.0:*:*:*:*:iOS:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.0:*:*:*:*:ChromeOS:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.7:*:*:*:*:Windows:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.7:*:*:*:*:Linux:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.7:*:*:*:*:Android:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.7:*:*:*:*:iOS:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.7:*:*:*:*:ChromeOS:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.6:*:*:*:*:Windows:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.6:*:*:*:*:Linux:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.6:*:*:*:*:Android:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.6:*:*:*:*:iOS:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.6:*:*:*:*:ChromeOS:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.4:*:*:*:*:Windows:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.4:*:*:*:*:Linux:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.4:*:*:*:*:Android:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.4:*:*:*:*:iOS:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.4:*:*:*:*:ChromeOS:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.3:*:*:*:*:Windows:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.3:*:*:*:*:Linux:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.3:*:*:*:*:Android:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.3:*:*:*:*:iOS:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.3:*:*:*:*:ChromeOS:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.2:*:*:*:*:Windows:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.2:*:*:*:*:Linux:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.2:*:*:*:*:Android:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.2:*:*:*:*:iOS:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.2:*:*:*:*:ChromeOS:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.1:*:*:*:*:Windows:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.1:*:*:*:*:Linux:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.1:*:*:*:*:Android:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.1:*:*:*:*:iOS:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.1:*:*:*:*:ChromeOS:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.0:*:*:*:*:Windows:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.0:*:*:*:*:Linux:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.0:*:*:*:*:Android:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.0:*:*:*:*:iOS:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.0:*:*:*:*:ChromeOS:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.7:*:*:*:*:Windows:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.7:*:*:*:*:Linux:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.7:*:*:*:*:Android:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.7:*:*:*:*:iOS:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.7:*:*:*:*:ChromeOS:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.6:*:*:*:*:Windows:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.6:*:*:*:*:Linux:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.6:*:*:*:*:Android:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.6:*:*:*:*:iOS:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.6:*:*:*:*:ChromeOS:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.5:*:*:*:*:Windows:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.5:*:*:*:*:Linux:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.5:*:*:*:*:Android:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.5:*:*:*:*:iOS:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.5:*:*:*:*:ChromeOS:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.4:*:*:*:*:Windows:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.4:*:*:*:*:Linux:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.4:*:*:*:*:Android:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.4:*:*:*:*:iOS:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.4:*:*:*:*:ChromeOS:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.3:*:*:*:*:Windows:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.3:*:*:*:*:Linux:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.3:*:*:*:*:Android:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.3:*:*:*:*:iOS:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.3:*:*:*:*:ChromeOS:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.2:*:*:*:*:Windows:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.2:*:*:*:*:Linux:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.2:*:*:*:*:Android:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.2:*:*:*:*:iOS:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.2:*:*:*:*:ChromeOS:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.1:*:*:*:*:Windows:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.1:*:*:*:*:Linux:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.1:*:*:*:*:Android:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.1:*:*:*:*:iOS:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.1:*:*:*:*:ChromeOS:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.0:*:*:*:*:Windows:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.0:*:*:*:*:Linux:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.0:*:*:*:*:Android:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.0:*:*:*:*:iOS:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.0:*:*:*:*:ChromeOS:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.11:*:*:*:*:Windows:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.11:*:*:*:*:Linux:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.11:*:*:*:*:Android:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.11:*:*:*:*:iOS:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.11:*:*:*:*:ChromeOS:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.10:*:*:*:*:Windows:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.10:*:*:*:*:Linux:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.10:*:*:*:*:Android:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.10:*:*:*:*:iOS:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.10:*:*:*:*:ChromeOS:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.8:*:*:*:*:Windows:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.8:*:*:*:*:Linux:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.8:*:*:*:*:Android:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.8:*:*:*:*:iOS:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.8:*:*:*:*:ChromeOS:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.7:*:*:*:*:Windows:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.7:*:*:*:*:Linux:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.7:*:*:*:*:Android:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.7:*:*:*:*:iOS:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.7:*:*:*:*:ChromeOS:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.6:*:*:*:*:Windows:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.6:*:*:*:*:Linux:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.6:*:*:*:*:Android:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.6:*:*:*:*:iOS:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.6:*:*:*:*:ChromeOS:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.5:*:*:*:*:Windows:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.5:*:*:*:*:Linux:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.5:*:*:*:*:Android:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.5:*:*:*:*:iOS:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.5:*:*:*:*:ChromeOS:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.4:*:*:*:*:Windows:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.4:*:*:*:*:Linux:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.4:*:*:*:*:Android:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.4:*:*:*:*:iOS:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.4:*:*:*:*:ChromeOS:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.3:*:*:*:*:Windows:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.3:*:*:*:*:Linux:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.3:*:*:*:*:Android:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.3:*:*:*:*:iOS:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.3:*:*:*:*:ChromeOS:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.2:*:*:*:*:Windows:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.2:*:*:*:*:Linux:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.2:*:*:*:*:Android:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.2:*:*:*:*:iOS:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.2:*:*:*:*:ChromeOS:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.1:*:*:*:*:Windows:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.1:*:*:*:*:Linux:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.1:*:*:*:*:Android:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.1:*:*:*:*:iOS:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.1:*:*:*:*:ChromeOS:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.0:*:*:*:*:Windows:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.0:*:*:*:*:Linux:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.0:*:*:*:*:Android:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.0:*:*:*:*:iOS:*:*\", \"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.0:*:*:*:*:ChromeOS:*:*\"], \"vendor\": \"Palo Alto Networks\", \"product\": \"GlobalProtect App\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"All\", \"versionType\": \"custom\"}], \"platforms\": [\"Windows\", \"Linux\", \"Android\", \"iOS\", \"Chrome OS\"], \"defaultStatus\": \"unaffected\"}], \"exploits\": [{\"lang\": \"en\", \"value\": \"Palo Alto Networks is not aware of any malicious exploitation of this issue.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"Palo Alto Networks is not aware of any malicious exploitation of this issue.\", \"base64\": false}]}], \"timeline\": [{\"lang\": \"en\", \"time\": \"2025-06-11T16:00:00.000Z\", \"value\": \"Initial Publication\"}], \"solutions\": [{\"lang\": \"eng\", \"value\": \"Version\\nMinor Version\\nSuggested Solution\\n\\n                                    GlobalProtect App 6.3 on macOS\\n\\n                                    6.3.0 through 6.3.2\\n                                    Upgrade to 6.3.3 or later.\\n                                GlobalProtect App 6.2 on macOS6.2.0 through 6.2.8-h2Upgrade to 6.2.8-h2 [ETA June 2025] or\\u00a06.3.3 or later.GlobalProtect App 6.1 on macOSUpgrade to 6.2.8-h2 [ETA June 2025] or 6.3.3 or later.GlobalProtect App 6.0 on macOSUpgrade to 6.2.8-h2 [ETA June 2025] or 6.3.3 or later.GlobalProtect App on Windows\\nNo action needed.GlobalProtect App on Linux\\nNo action needed.GlobalProtect App on Android\\nNo action needed.GlobalProtect App on iOS\\nNo action needed.GlobalProtect App on Chrome OS\\u00a0No action needed.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"\u003ctable class=\\\"tbl\\\"\u003e\u003cthead\u003e\u003ctr\u003e\u003cth\u003eVersion\u003cbr\u003e\u003c/th\u003e\u003cth\u003eMinor Version\u003cbr\u003e\u003c/th\u003e\u003cth\u003eSuggested Solution\u003cbr\u003e\u003c/th\u003e\u003c/tr\u003e\u003c/thead\u003e\u003ctbody\u003e\u003ctr\u003e\\n                                    \u003ctd\u003eGlobalProtect App 6.3 on macOS\u003cbr\u003e\u003c/td\u003e\\n                                    \u003ctd\u003e6.3.0 through 6.3.2\u003c/td\u003e\\n                                    \u003ctd\u003eUpgrade to 6.3.3 or later.\u003c/td\u003e\\n                                \u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eGlobalProtect App 6.2 on macOS\u003c/td\u003e\u003ctd\u003e6.2.0 through 6.2.8-h2\u003c/td\u003e\u003ctd\u003eUpgrade to 6.2.8-h2 [ETA June 2025] or\u0026nbsp;6.3.3 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eGlobalProtect App 6.1 on macOS\u003c/td\u003e\u003ctd\u003e\u003c/td\u003e\u003ctd\u003eUpgrade to 6.2.8-h2 [ETA June 2025] or 6.3.3 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eGlobalProtect App 6.0 on macOS\u003c/td\u003e\u003ctd\u003e\u003c/td\u003e\u003ctd\u003eUpgrade to 6.2.8-h2 [ETA June 2025] or 6.3.3 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eGlobalProtect App on Windows\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e\u003c/td\u003e\u003ctd\u003eNo action needed.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eGlobalProtect App on Linux\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e\u003c/td\u003e\u003ctd\u003eNo action needed.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eGlobalProtect App on Android\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e\u003c/td\u003e\u003ctd\u003eNo action needed.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eGlobalProtect App on iOS\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e\u003c/td\u003e\u003ctd\u003eNo action needed.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eGlobalProtect App on Chrome OS\u003c/td\u003e\u003ctd\u003e\u0026nbsp;\u003c/td\u003e\u003ctd\u003eNo action needed.\u0026nbsp;\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e\", \"base64\": false}]}], \"datePublic\": \"2025-06-11T16:00:00.000Z\", \"references\": [{\"url\": \"https://security.paloaltonetworks.com/CVE-2025-4232\", \"tags\": [\"vendor-advisory\"]}], \"workarounds\": [{\"lang\": \"en\", \"value\": \"No workaround or mitigation is available.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"\u003cspan\u003eNo workaround or mitigation is available.\u003c/span\u003e\", \"base64\": false}]}], \"x_generator\": {\"engine\": \"Vulnogram 0.1.0-dev\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"An improper neutralization of wildcards vulnerability in the log collection feature of Palo Alto Networks GlobalProtect\\u2122 app on macOS allows a non administrative user to escalate their privileges to root.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"\u003cp\u003eAn improper neutralization of wildcards vulnerability in the log collection feature of Palo Alto Networks GlobalProtect\\u2122 app on macOS allows a non administrative user to escalate their privileges to root.\u003c/p\u003e\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-155\", \"description\": \"CWE-155: Improper Neutralization of Wildcards or Matching Symbols\"}]}], \"configurations\": [{\"lang\": \"en\", \"value\": \"No special configuration is required to be affected by this issue.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"\u003cspan\u003eNo special configuration is required to be affected by this issue.\u003c/span\u003e\", \"base64\": false}]}], \"x_affectedList\": [\"GlobalProtect App 6.3.2\", \"GlobalProtect App 6.3.1\", \"GlobalProtect App 6.3.0\", \"GlobalProtect App 6.3\", \"GlobalProtect App 6.2.7\", \"GlobalProtect App 6.2.6\", \"GlobalProtect App 6.2.4\", \"GlobalProtect App 6.2.3\", \"GlobalProtect App 6.2.2\", \"GlobalProtect App 6.2.1\", \"GlobalProtect App 6.2.0\", \"GlobalProtect App 6.2\", \"GlobalProtect App 6.1.7\", \"GlobalProtect App 6.1.6\", \"GlobalProtect App 6.1.5\", \"GlobalProtect App 6.1.4\", \"GlobalProtect App 6.1.3\", \"GlobalProtect App 6.1.2\", \"GlobalProtect App 6.1.1\", \"GlobalProtect App 6.1.0\", \"GlobalProtect App 6.1\", \"GlobalProtect App 6.0.11\", \"GlobalProtect App 6.0.10\", \"GlobalProtect App 6.0.8\", \"GlobalProtect App 6.0.7\", \"GlobalProtect App 6.0.6\", \"GlobalProtect App 6.0.5\", \"GlobalProtect App 6.0.4\", \"GlobalProtect App 6.0.3\", \"GlobalProtect App 6.0.2\", \"GlobalProtect App 6.0.1\", \"GlobalProtect App 6.0.0\", \"GlobalProtect App 6.0\"], \"providerMetadata\": {\"orgId\": \"d6c1279f-00f6-4ef7-9217-f89ffe703ec0\", \"shortName\": \"palo_alto\", \"dateUpdated\": \"2025-06-12T23:22:34.993Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2025-4232\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-06-14T03:56:19.065Z\", \"dateReserved\": \"2025-05-02T19:10:45.457Z\", \"assignerOrgId\": \"d6c1279f-00f6-4ef7-9217-f89ffe703ec0\", \"datePublished\": \"2025-06-12T23:22:34.993Z\", \"assignerShortName\": \"palo_alto\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

GHSA-2QVW-8F7V-J53G

Vulnerability from github – Published: 2025-06-13 00:33 – Updated: 2025-06-27 18:30

Details

Severity ?

8.8 (High)


                  
                    CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

8.5 (High)


                  
                    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/AU:N/R:U/V:D/RE:M/U:Amber

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2025-4232"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-155"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-06-13T00:15:23Z",
    "severity": "HIGH"
  },
  "details": "An improper neutralization of wildcards vulnerability in the log collection feature of Palo Alto Networks GlobalProtect\u2122 app on macOS allows a non administrative user to escalate their privileges to root.",
  "id": "GHSA-2qvw-8f7v-j53g",
  "modified": "2025-06-27T18:30:38Z",
  "published": "2025-06-13T00:33:18Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-4232"
    },
    {
      "type": "WEB",
      "url": "https://security.paloaltonetworks.com/CVE-2025-4232"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:U/V:D/RE:M/U:Amber",
      "type": "CVSS_V4"
    }
  ]
}

WID-SEC-W-2025-1310

Vulnerability from csaf_certbund - Published: 2025-06-11 22:00 - Updated: 2025-06-11 22:00

Summary

PaloAlto Networks GlobalProtect: Mehrere Schwachstellen

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung

GlobalProtect von PaloAlto ist eine Sicherheitsplattform.

Angriff

Ein Angreifer kann mehrere Schwachstellen in PaloAlto Networks GlobalProtect ausnutzen, um Sicherheitsvorkehrungen zu umgehen, und um seine Privilegien zu erhöhen.

Betroffene Betriebssysteme

- Linux - MacOS X - UNIX - Windows

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "mittel"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "GlobalProtect von PaloAlto ist eine Sicherheitsplattform.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein Angreifer kann mehrere Schwachstellen in PaloAlto Networks GlobalProtect ausnutzen, um Sicherheitsvorkehrungen zu umgehen, und um seine Privilegien zu erh\u00f6hen.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Linux\n- MacOS X\n- UNIX\n- Windows",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2025-1310 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-1310.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2025-1310 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-1310"
      },
      {
        "category": "external",
        "summary": "Palo Alto Networks Security Advisory CVE-2025-4227 vom 2025-06-11",
        "url": "https://security.paloaltonetworks.com/CVE-2025-4227"
      },
      {
        "category": "external",
        "summary": "Palo Alto Networks Security Advisory CVE-2025-4232 vom 2025-06-11",
        "url": "https://security.paloaltonetworks.com/CVE-2025-4232"
      }
    ],
    "source_lang": "en-US",
    "title": "PaloAlto Networks GlobalProtect: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2025-06-11T22:00:00.000+00:00",
      "generator": {
        "date": "2025-06-12T10:53:38.247+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.12"
        }
      },
      "id": "WID-SEC-W-2025-1310",
      "initial_release_date": "2025-06-11T22:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2025-06-11T22:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c6.3.2-566",
                "product": {
                  "name": "PaloAlto Networks GlobalProtect \u003c6.3.2-566",
                  "product_id": "T044574"
                }
              },
              {
                "category": "product_version",
                "name": "6.3.2-566",
                "product": {
                  "name": "PaloAlto Networks GlobalProtect 6.3.2-566",
                  "product_id": "T044574-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:paloaltonetworks:globalprotect:6.3.2-566"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c6.2.8-h2",
                "product": {
                  "name": "PaloAlto Networks GlobalProtect \u003c6.2.8-h2",
                  "product_id": "T044575"
                }
              },
              {
                "category": "product_version",
                "name": "6.2.8-h2",
                "product": {
                  "name": "PaloAlto Networks GlobalProtect 6.2.8-h2",
                  "product_id": "T044575-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:paloaltonetworks:globalprotect:6.2.8-h2"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c6.3.3",
                "product": {
                  "name": "PaloAlto Networks GlobalProtect \u003c6.3.3",
                  "product_id": "T044576"
                }
              },
              {
                "category": "product_version",
                "name": "6.3.3",
                "product": {
                  "name": "PaloAlto Networks GlobalProtect 6.3.3",
                  "product_id": "T044576-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:paloaltonetworks:globalprotect:6.3.3"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c6.3.3-h1",
                "product": {
                  "name": "PaloAlto Networks GlobalProtect \u003c6.3.3-h1",
                  "product_id": "T044577"
                }
              },
              {
                "category": "product_version",
                "name": "6.3.3-h1",
                "product": {
                  "name": "PaloAlto Networks GlobalProtect 6.3.3-h1",
                  "product_id": "T044577-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:paloaltonetworks:globalprotect:6.3.3-h1"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "GlobalProtect"
          }
        ],
        "category": "vendor",
        "name": "PaloAlto Networks"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2025-4227",
      "product_status": {
        "known_affected": [
          "T044577",
          "T044576",
          "T044575",
          "T044574"
        ]
      },
      "release_date": "2025-06-11T22:00:00.000+00:00",
      "title": "CVE-2025-4227"
    },
    {
      "cve": "CVE-2025-4232",
      "product_status": {
        "known_affected": [
          "T044577",
          "T044576",
          "T044575",
          "T044574"
        ]
      },
      "release_date": "2025-06-11T22:00:00.000+00:00",
      "title": "CVE-2025-4232"
    }
  ]
}

CERTFR-2025-AVI-0505

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été découvertes dans les produits Palo Alto Networks. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges et un contournement de la politique de sécurité.

Palo Alto Networks a connaissance d'une preuve de concept pour la vulnérabilité CVE-2025-4232.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Les versions correctives 10.1.14-h16 et 11.2.7 pour la vulnérabilité CVE-2025-4229 affectant respectivement PAN-OS versions 10.1.x et 11.2.x sont prévues pour juillet 2025 et juin 2025. Les versions correctives 6.2.8-h2 et 6.3.3-h1 pour la vulnérabilité CVE-2025-4227 affectant respectivement GlobalProtect App versions 6.2.x et 6.3.x sont prévues pour juin 2025.

Impacted products

Vendor	Product	Description
Palo Alto Networks	PAN-OS	PAN-OS toutes versions à 10.1.x
Palo Alto Networks	GlobalProtect App	GlobalProtect App versions 6.2.x antérieures à 6.2.8-HF
Palo Alto Networks	Prisma Access Browser	Prisma Access Browser versions antérieures à 137.16.2.69
Palo Alto Networks	PAN-OS	PAN-OS versions 11.1.x antérieures à 11.1.10
Palo Alto Networks	GlobalProtect App	GlobalProtect App versions 6.2.x antérieures à 6.2.8-h2
Palo Alto Networks	GlobalProtect App	GlobalProtect App toutes version 6.0.x
Palo Alto Networks	Cortex XDR Broker	Cortex XDR Broker VM versions antérieures à 27.0.26
Palo Alto Networks	PAN-OS	PAN-OS versions 10.2.x antérieures à 10.2.17
Palo Alto Networks	PAN-OS	PAN-OS versions 11.0.x antérieures à 11.0.3
Palo Alto Networks	GlobalProtect App	GlobalProtect App versions 6.3.x antérieures à 6.3.3-h1
Palo Alto Networks	GlobalProtect App	GlobalProtect App toutes versions 6.1.x
Palo Alto Networks	PAN-OS	PAN-OS versions 11.2.x antérieures à 11.2.7

References

Title

Publication Time

Tags

Bulletin de sécurité Palo Alto Networks CVE-2025-4231	2025-06-11	vendor-advisory
Bulletin de sécurité Palo Alto Networks CVE-2025-4227	2025-06-11	vendor-advisory
Bulletin de sécurité Palo Alto Networks CVE-2025-4228	2025-06-11	vendor-advisory
Bulletin de sécurité Palo Alto Networks CVE-2025-4230	2025-06-11	vendor-advisory
Bulletin de sécurité Palo Alto Networks CVE-2025-4232	2025-06-11	vendor-advisory
Bulletin de sécurité Palo Alto Networks CVE-2025-4229	2025-06-11	vendor-advisory
Bulletin de sécurité Palo Alto Networks PAN-SA-2025-0011	2025-06-11	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "PAN-OS toutes versions \u00e0 10.1.x",
      "product": {
        "name": "PAN-OS",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "GlobalProtect App versions 6.2.x ant\u00e9rieures \u00e0 6.2.8-HF",
      "product": {
        "name": "GlobalProtect App",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Prisma Access Browser versions ant\u00e9rieures \u00e0 137.16.2.69",
      "product": {
        "name": "Prisma Access Browser",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "PAN-OS versions 11.1.x ant\u00e9rieures \u00e0 11.1.10",
      "product": {
        "name": "PAN-OS",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "GlobalProtect App versions 6.2.x ant\u00e9rieures \u00e0 6.2.8-h2",
      "product": {
        "name": "GlobalProtect App",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "GlobalProtect App toutes version 6.0.x",
      "product": {
        "name": "GlobalProtect App",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Cortex XDR Broker VM versions ant\u00e9rieures \u00e0 27.0.26",
      "product": {
        "name": "Cortex XDR Broker",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "PAN-OS versions 10.2.x ant\u00e9rieures \u00e0 10.2.17",
      "product": {
        "name": "PAN-OS",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "PAN-OS versions 11.0.x ant\u00e9rieures \u00e0 11.0.3",
      "product": {
        "name": "PAN-OS",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "GlobalProtect App versions 6.3.x ant\u00e9rieures \u00e0 6.3.3-h1",
      "product": {
        "name": "GlobalProtect App",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "GlobalProtect App toutes versions 6.1.x",
      "product": {
        "name": "GlobalProtect App",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "PAN-OS versions 11.2.x ant\u00e9rieures \u00e0 11.2.7",
      "product": {
        "name": "PAN-OS",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "Les versions correctives 10.1.14-h16 et 11.2.7 pour la vuln\u00e9rabilit\u00e9 CVE-2025-4229 affectant respectivement PAN-OS versions 10.1.x et 11.2.x sont pr\u00e9vues pour juillet 2025 et juin 2025.\nLes versions correctives 6.2.8-h2 et 6.3.3-h1 pour la vuln\u00e9rabilit\u00e9 CVE-2025-4227 affectant respectivement GlobalProtect App versions 6.2.x et 6.3.x sont pr\u00e9vues pour juin 2025.",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2025-5280",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-5280"
    },
    {
      "name": "CVE-2025-5281",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-5281"
    },
    {
      "name": "CVE-2025-4229",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-4229"
    },
    {
      "name": "CVE-2025-5065",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-5065"
    },
    {
      "name": "CVE-2025-4233",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-4233"
    },
    {
      "name": "CVE-2025-4664",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-4664"
    },
    {
      "name": "CVE-2025-5066",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-5066"
    },
    {
      "name": "CVE-2025-4230",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-4230"
    },
    {
      "name": "CVE-2025-5064",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-5064"
    },
    {
      "name": "CVE-2025-4231",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-4231"
    },
    {
      "name": "CVE-2025-4228",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-4228"
    },
    {
      "name": "CVE-2025-5419",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-5419"
    },
    {
      "name": "CVE-2025-4227",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-4227"
    },
    {
      "name": "CVE-2025-4232",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-4232"
    },
    {
      "name": "CVE-2025-5068",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-5068"
    },
    {
      "name": "CVE-2025-5067",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-5067"
    },
    {
      "name": "CVE-2025-5283",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-5283"
    },
    {
      "name": "CVE-2025-5063",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-5063"
    }
  ],
  "links": [],
  "reference": "CERTFR-2025-AVI-0505",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2025-06-12T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Palo Alto Networks. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une \u00e9l\u00e9vation de privil\u00e8ges et un contournement de la politique de s\u00e9curit\u00e9.\n\nPalo Alto Networks a connaissance d\u0027une preuve de concept pour la vuln\u00e9rabilit\u00e9 CVE-2025-4232.",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Palo Alto Networks",
  "vendor_advisories": [
    {
      "published_at": "2025-06-11",
      "title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks CVE-2025-4231",
      "url": "https://security.paloaltonetworks.com/CVE-2025-4231"
    },
    {
      "published_at": "2025-06-11",
      "title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks CVE-2025-4227",
      "url": "https://security.paloaltonetworks.com/CVE-2025-4227"
    },
    {
      "published_at": "2025-06-11",
      "title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks CVE-2025-4228",
      "url": "https://security.paloaltonetworks.com/CVE-2025-4228"
    },
    {
      "published_at": "2025-06-11",
      "title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks CVE-2025-4230",
      "url": "https://security.paloaltonetworks.com/CVE-2025-4230"
    },
    {
      "published_at": "2025-06-11",
      "title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks CVE-2025-4232",
      "url": "https://security.paloaltonetworks.com/CVE-2025-4232"
    },
    {
      "published_at": "2025-06-11",
      "title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks CVE-2025-4229",
      "url": "https://security.paloaltonetworks.com/CVE-2025-4229"
    },
    {
      "published_at": "2025-06-11",
      "title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks PAN-SA-2025-0011",
      "url": "https://security.paloaltonetworks.com/PAN-SA-2025-0011"
    }
  ]
}

CERTFR-2025-AVI-0505

Vulnerability from certfr_avis - Published: - Updated:

Palo Alto Networks a connaissance d'une preuve de concept pour la vulnérabilité CVE-2025-4232.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

Vendor	Product	Description
Palo Alto Networks	PAN-OS	PAN-OS toutes versions à 10.1.x
Palo Alto Networks	GlobalProtect App	GlobalProtect App versions 6.2.x antérieures à 6.2.8-HF
Palo Alto Networks	Prisma Access Browser	Prisma Access Browser versions antérieures à 137.16.2.69
Palo Alto Networks	PAN-OS	PAN-OS versions 11.1.x antérieures à 11.1.10
Palo Alto Networks	GlobalProtect App	GlobalProtect App versions 6.2.x antérieures à 6.2.8-h2
Palo Alto Networks	GlobalProtect App	GlobalProtect App toutes version 6.0.x
Palo Alto Networks	Cortex XDR Broker	Cortex XDR Broker VM versions antérieures à 27.0.26
Palo Alto Networks	PAN-OS	PAN-OS versions 10.2.x antérieures à 10.2.17
Palo Alto Networks	PAN-OS	PAN-OS versions 11.0.x antérieures à 11.0.3
Palo Alto Networks	GlobalProtect App	GlobalProtect App versions 6.3.x antérieures à 6.3.3-h1
Palo Alto Networks	GlobalProtect App	GlobalProtect App toutes versions 6.1.x
Palo Alto Networks	PAN-OS	PAN-OS versions 11.2.x antérieures à 11.2.7

References

Title

Publication Time

Tags

Bulletin de sécurité Palo Alto Networks CVE-2025-4231	2025-06-11	vendor-advisory
Bulletin de sécurité Palo Alto Networks CVE-2025-4227	2025-06-11	vendor-advisory
Bulletin de sécurité Palo Alto Networks CVE-2025-4228	2025-06-11	vendor-advisory
Bulletin de sécurité Palo Alto Networks CVE-2025-4230	2025-06-11	vendor-advisory
Bulletin de sécurité Palo Alto Networks CVE-2025-4232	2025-06-11	vendor-advisory
Bulletin de sécurité Palo Alto Networks CVE-2025-4229	2025-06-11	vendor-advisory
Bulletin de sécurité Palo Alto Networks PAN-SA-2025-0011	2025-06-11	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "PAN-OS toutes versions \u00e0 10.1.x",
      "product": {
        "name": "PAN-OS",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "GlobalProtect App versions 6.2.x ant\u00e9rieures \u00e0 6.2.8-HF",
      "product": {
        "name": "GlobalProtect App",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Prisma Access Browser versions ant\u00e9rieures \u00e0 137.16.2.69",
      "product": {
        "name": "Prisma Access Browser",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "PAN-OS versions 11.1.x ant\u00e9rieures \u00e0 11.1.10",
      "product": {
        "name": "PAN-OS",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "GlobalProtect App versions 6.2.x ant\u00e9rieures \u00e0 6.2.8-h2",
      "product": {
        "name": "GlobalProtect App",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "GlobalProtect App toutes version 6.0.x",
      "product": {
        "name": "GlobalProtect App",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Cortex XDR Broker VM versions ant\u00e9rieures \u00e0 27.0.26",
      "product": {
        "name": "Cortex XDR Broker",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "PAN-OS versions 10.2.x ant\u00e9rieures \u00e0 10.2.17",
      "product": {
        "name": "PAN-OS",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "PAN-OS versions 11.0.x ant\u00e9rieures \u00e0 11.0.3",
      "product": {
        "name": "PAN-OS",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "GlobalProtect App versions 6.3.x ant\u00e9rieures \u00e0 6.3.3-h1",
      "product": {
        "name": "GlobalProtect App",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "GlobalProtect App toutes versions 6.1.x",
      "product": {
        "name": "GlobalProtect App",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "PAN-OS versions 11.2.x ant\u00e9rieures \u00e0 11.2.7",
      "product": {
        "name": "PAN-OS",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "Les versions correctives 10.1.14-h16 et 11.2.7 pour la vuln\u00e9rabilit\u00e9 CVE-2025-4229 affectant respectivement PAN-OS versions 10.1.x et 11.2.x sont pr\u00e9vues pour juillet 2025 et juin 2025.\nLes versions correctives 6.2.8-h2 et 6.3.3-h1 pour la vuln\u00e9rabilit\u00e9 CVE-2025-4227 affectant respectivement GlobalProtect App versions 6.2.x et 6.3.x sont pr\u00e9vues pour juin 2025.",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2025-5280",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-5280"
    },
    {
      "name": "CVE-2025-5281",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-5281"
    },
    {
      "name": "CVE-2025-4229",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-4229"
    },
    {
      "name": "CVE-2025-5065",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-5065"
    },
    {
      "name": "CVE-2025-4233",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-4233"
    },
    {
      "name": "CVE-2025-4664",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-4664"
    },
    {
      "name": "CVE-2025-5066",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-5066"
    },
    {
      "name": "CVE-2025-4230",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-4230"
    },
    {
      "name": "CVE-2025-5064",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-5064"
    },
    {
      "name": "CVE-2025-4231",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-4231"
    },
    {
      "name": "CVE-2025-4228",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-4228"
    },
    {
      "name": "CVE-2025-5419",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-5419"
    },
    {
      "name": "CVE-2025-4227",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-4227"
    },
    {
      "name": "CVE-2025-4232",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-4232"
    },
    {
      "name": "CVE-2025-5068",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-5068"
    },
    {
      "name": "CVE-2025-5067",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-5067"
    },
    {
      "name": "CVE-2025-5283",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-5283"
    },
    {
      "name": "CVE-2025-5063",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-5063"
    }
  ],
  "links": [],
  "reference": "CERTFR-2025-AVI-0505",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2025-06-12T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Palo Alto Networks. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une \u00e9l\u00e9vation de privil\u00e8ges et un contournement de la politique de s\u00e9curit\u00e9.\n\nPalo Alto Networks a connaissance d\u0027une preuve de concept pour la vuln\u00e9rabilit\u00e9 CVE-2025-4232.",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Palo Alto Networks",
  "vendor_advisories": [
    {
      "published_at": "2025-06-11",
      "title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks CVE-2025-4231",
      "url": "https://security.paloaltonetworks.com/CVE-2025-4231"
    },
    {
      "published_at": "2025-06-11",
      "title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks CVE-2025-4227",
      "url": "https://security.paloaltonetworks.com/CVE-2025-4227"
    },
    {
      "published_at": "2025-06-11",
      "title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks CVE-2025-4228",
      "url": "https://security.paloaltonetworks.com/CVE-2025-4228"
    },
    {
      "published_at": "2025-06-11",
      "title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks CVE-2025-4230",
      "url": "https://security.paloaltonetworks.com/CVE-2025-4230"
    },
    {
      "published_at": "2025-06-11",
      "title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks CVE-2025-4232",
      "url": "https://security.paloaltonetworks.com/CVE-2025-4232"
    },
    {
      "published_at": "2025-06-11",
      "title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks CVE-2025-4229",
      "url": "https://security.paloaltonetworks.com/CVE-2025-4229"
    },
    {
      "published_at": "2025-06-11",
      "title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks PAN-SA-2025-0011",
      "url": "https://security.paloaltonetworks.com/PAN-SA-2025-0011"
    }
  ]
}

FKIE_CVE-2025-4232

Vulnerability from fkie_nvd - Published: 2025-06-13 00:15 - Updated: 2025-06-27 16:47

Severity ?

8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Summary

References

	URL	Tags
	psirt@paloaltonetworks.com	https://security.paloaltonetworks.com/CVE-2025-4232	Vendor Advisory

Impacted products

	Vendor	Product	Version
	paloaltonetworks	globalprotect	*
	paloaltonetworks	globalprotect	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:paloaltonetworks:globalprotect:*:*:*:*:*:macos:*:*",
              "matchCriteriaId": "B2DE8243-7786-4D7C-A0CB-A3D3E44C9B26",
              "versionEndExcluding": "6.2.8",
              "versionStartIncluding": "6.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:paloaltonetworks:globalprotect:*:*:*:*:*:macos:*:*",
              "matchCriteriaId": "EFAA1A23-5A3C-48FA-8672-D8329D67A14C",
              "versionEndExcluding": "6.3.3",
              "versionStartIncluding": "6.3.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "An improper neutralization of wildcards vulnerability in the log collection feature of Palo Alto Networks GlobalProtect\u2122 app on macOS allows a non administrative user to escalate their privileges to root."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad de neutralizaci\u00f3n incorrecta de comodines en la funci\u00f3n de recopilaci\u00f3n de registros de la aplicaci\u00f3n Palo Alto Networks GlobalProtect\u2122 en macOS permite que un usuario no administrativo aumente sus privilegios a root."
    }
  ],
  "id": "CVE-2025-4232",
  "lastModified": "2025-06-27T16:47:32.383",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ],
    "cvssMetricV40": [
      {
        "cvssData": {
          "Automatable": "NO",
          "Recovery": "USER",
          "Safety": "NOT_DEFINED",
          "attackComplexity": "LOW",
          "attackRequirements": "NONE",
          "attackVector": "LOCAL",
          "availabilityRequirement": "NOT_DEFINED",
          "baseScore": 8.5,
          "baseSeverity": "HIGH",
          "confidentialityRequirement": "NOT_DEFINED",
          "exploitMaturity": "NOT_DEFINED",
          "integrityRequirement": "NOT_DEFINED",
          "modifiedAttackComplexity": "NOT_DEFINED",
          "modifiedAttackRequirements": "NOT_DEFINED",
          "modifiedAttackVector": "NOT_DEFINED",
          "modifiedPrivilegesRequired": "NOT_DEFINED",
          "modifiedSubAvailabilityImpact": "NOT_DEFINED",
          "modifiedSubConfidentialityImpact": "NOT_DEFINED",
          "modifiedSubIntegrityImpact": "NOT_DEFINED",
          "modifiedUserInteraction": "NOT_DEFINED",
          "modifiedVulnAvailabilityImpact": "NOT_DEFINED",
          "modifiedVulnConfidentialityImpact": "NOT_DEFINED",
          "modifiedVulnIntegrityImpact": "NOT_DEFINED",
          "privilegesRequired": "LOW",
          "providerUrgency": "AMBER",
          "subAvailabilityImpact": "NONE",
          "subConfidentialityImpact": "NONE",
          "subIntegrityImpact": "NONE",
          "userInteraction": "NONE",
          "valueDensity": "DIFFUSE",
          "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:U/V:D/RE:M/U:Amber",
          "version": "4.0",
          "vulnAvailabilityImpact": "HIGH",
          "vulnConfidentialityImpact": "HIGH",
          "vulnIntegrityImpact": "HIGH",
          "vulnerabilityResponseEffort": "MODERATE"
        },
        "source": "psirt@paloaltonetworks.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2025-06-13T00:15:23.697",
  "references": [
    {
      "source": "psirt@paloaltonetworks.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://security.paloaltonetworks.com/CVE-2025-4232"
    }
  ],
  "sourceIdentifier": "psirt@paloaltonetworks.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-155"
        }
      ],
      "source": "psirt@paloaltonetworks.com",
      "type": "Secondary"
    }
  ]
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2025-4232 (GCVE-0-2025-4232)

GHSA-2QVW-8F7V-J53G

WID-SEC-W-2025-1310

CERTFR-2025-AVI-0505

Solutions

CERTFR-2025-AVI-0505

Solutions

FKIE_CVE-2025-4232

Tags

Sightings

Nomenclature