CyberSecurityBoard
Sponsor Register Login

Palo Alto Networks GlobalProtect Vulnerability Allows Local Privilege Escalation to Root Access

Palo Alto Networks has disclosed a critical security vulnerability in its GlobalProtect VPN application that enables locally authenticated users to escalate their privileges to root access on macOS and Linux systems, or NT AUTHORITY\SYSTEM on Windows machines. The security flaw affects multiple versions of the GlobalProtect app across Windows, macOS, and Linux platforms, allowing non-administrative users who already have local access to a system to gain complete administrative control. All installations of GlobalProtect versions 6.1 and 6.0 across macOS, Windows, and Linux platforms are affected and require immediate upgrades to the latest patched versions. The vulnerability was discovered and reported by security researchers Alex Bourla and Graham Brereton, whom Palo Alto Networks has acknowledged for their responsible disclosure. For version 6.3 users on macOS and Windows, systems running versions prior to 6.3.3-h1 (6.3.3-c650) are vulnerable and should upgrade immediately. The vulnerability, classified as an incorrect privilege assignment flaw, poses significant security risks for organizations relying on the popular enterprise VPN solution.

This Cyber News was published on cybersecuritynews.com. Publication date: Thu, 10 Jul 2025 16:30:15 +0000


Cyber News related to Palo Alto Networks GlobalProtect Vulnerability Allows Local Privilege Escalation to Root Access

Palo Alto Networks and IBM to Jointly Provide AI-Powered Security Offerings - PRESS RELEASE. SANTA CLARA, Calif. and ARMONK, N.Y., May 15, 2024 /PRNewswire/ - Palo Alto Networks, the global cybersecurity leader, and IBM, a leading provider of hybrid cloud and AI, today announced a broad-reaching partnership to deliver ...
1 year ago Darkreading.com
Palo Alto Networks and Deloitte Expand Strategic Alliance Globally - 1, 2024 /PRNewswire/ -- Palo Alto Networks (NASDAQ: PANW) and Deloitte today announced an expansion of their strategic alliance into EMEA and JAPAC regions, making Palo Alto Networks® AI-powered cybersecurity solutions and joint offerings available ...
1 year ago Darkreading.com
A Leader in 2024 Forrester Enterprise Firewall Solutions Wave - Palo Alto Networks has long recognized these challenges, which is why we’ve built a network security platform that not only protects but also fosters business growth and innovation in today’s complex environment. We believe the recognition of ...
1 year ago Paloaltonetworks.com
CVE-2022-0018 - An information exposure vulnerability exists in the Palo Alto Networks GlobalProtect app on Windows and MacOS where the credentials of the local user account are sent to the GlobalProtect portal when the Single Sign-On feature is enabled in the ...
3 years ago
Research Shows 163% ROI with Palo Alto Networks Software Firewalls - Good news is here for cloud and network security professionals who need proven, cost-effective solutions that substantially reduce downtime and breaches across a range of cloud and virtualized environments. Palo Alto Networks software firewalls not ...
2 years ago Paloaltonetworks.com
CISOs Grapple With IBM's Unexpected Cybersecurity Software Exit - IBM's surprise departure from cybersecurity software this week didn't just rearrange the competitive landscape - it also reshuffled the procurement plans and vendor relationships for many CISOs rebuilding their SOCs. IBM has agreed to sell the QRadar ...
1 year ago Darkreading.com
Palo Alto Networks to Acquire CyberArk in $25 Billion Deal - The deal marks Palo Alto Networks’ strategic entry into the Identity Security market, establishing it as a new core pillar in the company’s multi-platform strategy. Palo Alto Networks, a leader in cybersecurity, announced today that it ...
5 months ago Cybersecuritynews.com
CVE-2022-0019 - An insufficiently protected credentials vulnerability exists in the Palo Alto Networks GlobalProtect app on Linux that exposes the hashed credentials of GlobalProtect users that saved their password during previous GlobalProtect app sessions to other ...
3 years ago
Patch Now: Palo Alto Flaw Exploited in the Wild - Indeed, researchers observed attackers making exploit attempts by chaining CVE-2025-0108 with two other PAN-OS Web management interface flaws — CVE-2024-9474, a privilege escalation flaw, and CVE-2025-0111, an authenticated file read vulnerability ...
10 months ago Darkreading.com CVE-2025-0108 CVE-2024-9474 CVE-2025-0111
Exploit released for Palo Alto PAN-OS bug used in attacks, patch now - Exploit code is now available for a maximum severity and actively exploited vulnerability in Palo Alto Networks' PAN-OS firewall software. Tracked as CVE-2024-3400, this security flaw can let unauthenticated threat actors execute arbitrary code as ...
1 year ago Bleepingcomputer.com CVE-2024-3400 CVE-2024-34000
CVE-2020-2004 - Under certain circumstances a user's password may be logged in cleartext in the PanGPS.log diagnostic file when logs are collected for troubleshooting on GlobalProtect app (also known as GlobalProtect Agent) for MacOS and Windows. For this issue ...
5 years ago
Palo Alto Networks Recognized as a Leader in the 2023 Gartner Magic Quadrant for Endpoint Protection Platforms - Today, we are pleased to announce that Palo Alto Networks has been named a Leader in the 2023 Gartner Magic Quadrant for Endpoint Protection Platforms. Before we dive into the significance of this year's Magic Quadrant for EPP, I want to take a ...
2 years ago Paloaltonetworks.com
Palo Alto Networks Prevents Data Loss at Enterprise Scale with NVIDIA - With NVIDIA accelerated computing and AI software, cybersecurity leaders like Palo Alto Networks can safeguard vast amounts of sensitive information with unprecedented speed and accuracy, ushering in a new era of AI-driven data protection. The ...
1 year ago Paloaltonetworks.com
Unlocking the Economic Benefit of NGFWs - Cyberthreats are increasing in volume and complexity, making it difficult for network defenders to protect their organizations. Threat actors are evolving their tools and techniques, finding new ways to employ artificial intelligence to avoid ...
1 year ago Paloaltonetworks.com
CISA Warns of Palo Alto PAN-OS Vulnerability Actively Exploited in the Wild - The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert regarding actively exploiting a high-severity authentication bypass vulnerability (CVE-2025-0108) in Palo Alto Networks PAN-OS, the operating system powering the ...
10 months ago Cybersecuritynews.com CVE-2025-0108 CVE-2024-0012 CVE-2024-9474
CVE-2021-3057 - A stack-based buffer overflow vulnerability exists in the Palo Alto Networks GlobalProtect app that enables a man-in-the-middle attacker to disrupt system processes and potentially execute arbitrary code with SYSTEM privileges. This issue impacts: ...
4 years ago
Providing Optimal Cloud Security Outcomes Through StateRAMP - Palo Alto Networks reaches a significant milestone as our commitment to comprehensive security achieves the largest number of StateRAMP marketplace approved cybersecurity offerings. In its commitment to be the state and local government's ...
1 year ago Paloaltonetworks.com
Palo Alto Networks GlobalProtect Vulnerability Allows Local Privilege Escalation to Root Access - Palo Alto Networks has disclosed a critical security vulnerability in its GlobalProtect VPN application that enables locally authenticated users to escalate their privileges to root access on macOS and Linux systems, or NT AUTHORITY\SYSTEM on Windows ...
6 months ago Cybersecuritynews.com
Palo Alto Networks Completes Acquisition of Talon - Palo Alto Networks announced today that it has completed the acquisition of Talon Cyber Security, an Israeli startup selling a secure browser technology to enterprise customers. Palo Alto first announced plans to buy Talon in November 2023 in a deal ...
2 years ago Securityweek.com
Investing in Cloud Infrastructure in the Kingdom of Saudi Arabia - Digital transformation is at the heart of the Kingdom of Saudi Arabia's ambitious Vision 2030 program as the nation looks to future-proof its economy and enhance people's lives. The Kingdom is looking to diversify its economy and develop public ...
1 year ago Paloaltonetworks.com
Vulnerability Recap 4/15/24: Palo Alto, Microsoft, Ivanti Exploits - Typically, these vulnerabilities result in remote code execution or denial-of-service attacks, posing major dangers to users' data security. Multiple Vulnerabilities Discovered in LG WebOS Smart TVs. Type of vulnerability: Authorization bypass, ...
1 year ago Esecurityplanet.com CVE-2024-21894 CVE-2024-29990 CVE-2024-3383 CVE-2024-3400
How to track and stop CVE-2024-3400: Palo Alto Devices API Exploit Causing Critical Infrastructure and Enterprise Epidemics - On Friday April 12, Palo Alto disclosed that some versions of PAN-OS are not only vulnerable to remote code execution, but that the vulnerability has been actively exploited to install backdoors on Palo Alto firewalls. Palo Alto has marked this ...
1 year ago Securityboulevard.com CVE-2024-3400
SentinelOne vs Palo Alto Cortex XDR: Which Tool is Best? - SentinelOne and Palo Alto are two of the top brands in this space, and this comparison will help you decide if either one of the company's tools is right for you. SentinelOne's Singularity platform offers four subscription tiers that include their ...
1 year ago Techrepublic.com
CVE-2025-0133 - A reflected cross-site scripting (XSS) vulnerability in the GlobalProtect™ gateway and portal features of Palo Alto Networks PAN-OS® software enables execution of malicious JavaScript in the context of an authenticated Captive Portal user's ...
7 months ago
PAN-OS Vulnerability Let Attackers Bypass Web Interface Authentication - Palo Alto Networks has disclosed a critical vulnerability (CVE-2025-010) in its PAN-OS software that could allow attackers to bypass authentication on the management web interface. While the vulnerability is rated as HIGH severity, Palo Alto Networks ...
10 months ago Cybersecuritynews.com CVE-2025-010

Latest Cyber News


    Cyber Trends (last 7 days)


    Trending Cyber News (last 7 days)