{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"cveId":"CVE-2025-0120","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","state":"PUBLISHED","assignerShortName":"palo_alto","dateReserved":"2024-12-20T23:23:21.499Z","datePublished":"2025-04-11T01:44:48.253Z","dateUpdated":"2025-05-02T19:08:27.987Z"},"containers":{"cna":{"affected":[{"cpes":["cpe:2.3:a:paloaltonetworks:globalprotect_app:6.3.2:-:*:*:*:*:*:*","cpe:2.3:a:paloaltonetworks:globalprotect_app:6.3.1:-:*:*:*:*:*:*","cpe:2.3:a:paloaltonetworks:globalprotect_app:6.3.0:-:*:*:*:*:*:*","cpe:2.3:a:paloaltonetworks:globalprotect_app:6.2.7:-:*:*:*:*:*:*","cpe:2.3:a:paloaltonetworks:globalprotect_app:6.2.6:-:*:*:*:*:*:*","cpe:2.3:a:paloaltonetworks:globalprotect_app:6.2.4:-:*:*:*:*:*:*","cpe:2.3:a:paloaltonetworks:globalprotect_app:6.2.3:-:*:*:*:*:*:*","cpe:2.3:a:paloaltonetworks:globalprotect_app:6.2.2:-:*:*:*:*:*:*","cpe:2.3:a:paloaltonetworks:globalprotect_app:6.2.1:-:*:*:*:*:*:*","cpe:2.3:a:paloaltonetworks:globalprotect_app:6.2.0:-:*:*:*:*:*:*"],"defaultStatus":"unaffected","platforms":["Windows"],"product":"GlobalProtect App","vendor":"Palo Alto Networks","versions":[{"changes":[{"at":"6.3.3","status":"unaffected"}],"lessThan":"6.3.3","status":"affected","version":"6.3.0","versionType":"custom"},{"changes":[{"at":"6.2.8","status":"unaffected"},{"at":"6.2.7-1077","status":"unaffected"}],"lessThan":"6.2.8","status":"affected","version":"6.2.0","versionType":"custom"},{"status":"affected","version":"6.1.0","versionType":"custom"},{"status":"affected","version":"6.0.0","versionType":"custom"}]},{"cpes":["cpe:2.3:a:paloaltonetworks:globalprotect_app:6.3.2:-:*:*:*:*:*:*","cpe:2.3:a:paloaltonetworks:globalprotect_app:6.3.1:-:*:*:*:*:*:*","cpe:2.3:a:paloaltonetworks:globalprotect_app:6.3.0:-:*:*:*:*:*:*","cpe:2.3:a:paloaltonetworks:globalprotect_app:6.2.7:-:*:*:*:*:*:*","cpe:2.3:a:paloaltonetworks:globalprotect_app:6.2.6:-:*:*:*:*:*:*","cpe:2.3:a:paloaltonetworks:globalprotect_app:6.2.4:-:*:*:*:*:*:*","cpe:2.3:a:paloaltonetworks:globalprotect_app:6.2.3:-:*:*:*:*:*:*","cpe:2.3:a:paloaltonetworks:globalprotect_app:6.2.2:-:*:*:*:*:*:*","cpe:2.3:a:paloaltonetworks:globalprotect_app:6.2.1:-:*:*:*:*:*:*","cpe:2.3:a:paloaltonetworks:globalprotect_app:6.2.0:-:*:*:*:*:*:*"],"defaultStatus":"unaffected","platforms":["macOS","Linux","iOS","Android","Chrome OS"],"product":"GlobalProtect App","vendor":"Palo Alto Networks","versions":[{"status":"unaffected","version":"All","versionType":"custom"}]},{"defaultStatus":"unaffected","product":"GlobalProtect UWP App","vendor":"Palo Alto Networks","versions":[{"status":"unaffected","version":"All","versionType":"custom"}]}],"configurations":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"No special configuration is required to be affected by this issue."}],"value":"No special configuration is required to be affected by this issue."}],"credits":[{"lang":"en","type":"finder","value":"Maxime ESCOURBIAC, Michelin CERT"},{"lang":"en","type":"finder","value":"Yassine BENGANA, Abicom for Michelin CERT"}],"datePublic":"2025-04-09T16:00:00.000Z","descriptions":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"A vulnerability with a privilege management mechanism in the Palo Alto Networks GlobalProtectâ„¢ app on Windows devices allows a locally authenticated non-administrative Windows user to escalate their privileges to NT AUTHORITY\\SYSTEM. However, execution requires that the local user can also successfully exploit a race condition, which makes this vulnerability difficult to exploit."}],"value":"A vulnerability with a privilege management mechanism in the Palo Alto Networks GlobalProtectâ„¢ app on Windows devices allows a locally authenticated non-administrative Windows user to escalate their privileges to NT AUTHORITY\\SYSTEM. However, execution requires that the local user can also successfully exploit a race condition, which makes this vulnerability difficult to exploit."}],"exploits":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"Palo Alto Networks is not aware of any malicious exploitation of this issue."}],"value":"Palo Alto Networks is not aware of any malicious exploitation of this issue."}],"impacts":[{"capecId":"CAPEC-233","descriptions":[{"lang":"en","value":"CAPEC-233 Privilege Escalation"}]}],"metrics":[{"cvssV4_0":{"Automatable":"NO","Recovery":"USER","Safety":"NOT_DEFINED","attackComplexity":"LOW","attackRequirements":"PRESENT","attackVector":"LOCAL","baseScore":7.1,"baseSeverity":"HIGH","privilegesRequired":"LOW","providerUrgency":"AMBER","subAvailabilityImpact":"HIGH","subConfidentialityImpact":"HIGH","subIntegrityImpact":"HIGH","userInteraction":"NONE","valueDensity":"CONCENTRATED","vectorString":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:H/SI:H/SA:H/AU:N/R:U/V:C/RE:M/U:Amber","version":"4.0","vulnAvailabilityImpact":"NONE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"HIGH","vulnerabilityResponseEffort":"MODERATE"},"format":"CVSS","scenarios":[{"lang":"en","value":"A local Windows user (or malware) with non-administrative rights elevates their privileges to NT AUTHORITY/SYSTEM."}]}],"problemTypes":[{"descriptions":[{"cweId":"CWE-250","description":"CWE-250 Execution with Unnecessary Privileges","lang":"en","type":"CWE"}]}],"providerMetadata":{"orgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","shortName":"palo_alto","dateUpdated":"2025-05-02T19:08:27.987Z"},"references":[{"tags":["vendor-advisory"],"url":"https://security.paloaltonetworks.com/CVE-2025-0120"}],"solutions":[{"lang":"eng","supportingMedia":[{"base64":false,"type":"text/html","value":"
Version
Suggested Solution
GlobalProtect App 6.3 on WindowsUpgrade to 6.3.3 or later
GlobalProtect App 6.2 on Windows
Upgrade to 6.2.7-1077 or 6.2.8 or later
GlobalProtect App 6.1 on Windows
Upgrade to 6.2.8 or later or upgrade to 6.3.3 or later
GlobalProtect App 6.0 on Windows
Upgrade to 6.2.8 or later or upgrade to 6.3.3 or later
GlobalProtect App on macOSNo action needed
GlobalProtect App on LinuxNo action needed
GlobalProtect App on iOSNo action needed
GlobalProtect App on AndroidNo action needed
GlobalProtect UWP AppNo action needed
"}],"value":"Version\nSuggested Solution\nGlobalProtect App 6.3 on WindowsUpgrade to 6.3.3 or laterGlobalProtect App 6.2 on Windows\nUpgrade to 6.2.7-1077 or 6.2.8 or later\nGlobalProtect App 6.1 on Windows\nUpgrade to 6.2.8 or later or upgrade to 6.3.3 or later\nGlobalProtect App 6.0 on Windows\nUpgrade to 6.2.8 or later or upgrade to 6.3.3 or later\nGlobalProtect App on macOSNo action neededGlobalProtect App on LinuxNo action neededGlobalProtect App on iOSNo action neededGlobalProtect App on AndroidNo action neededGlobalProtect UWP AppNo action needed"}],"source":{"defect":["GPC-19862","GPC-19858"],"discovery":"EXTERNAL"},"timeline":[{"lang":"en","time":"2025-04-09T16:00:00.000Z","value":"Initial Publication"},{"lang":"en","time":"2025-05-02T19:00:00.000Z","value":"Updated the fix version for 6.2.7"}],"title":"GlobalProtect App: Local Privilege Escalation (PE) Vulnerability","workarounds":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"No workaround or mitigation is available."}],"value":"No workaround or mitigation is available."}],"x_affectedList":["GlobalProtect App 6.3.2","GlobalProtect App 6.3.1","GlobalProtect App 6.3.0","GlobalProtect App 6.3","GlobalProtect App 6.2.7","GlobalProtect App 6.2.6","GlobalProtect App 6.2.4","GlobalProtect App 6.2.3","GlobalProtect App 6.2.2","GlobalProtect App 6.2.1","GlobalProtect App 6.2.0","GlobalProtect App 6.2"],"x_generator":{"engine":"Vulnogram 0.1.0-dev"}},"adp":[{"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2025-04-11T15:47:44.551607Z","id":"CVE-2025-0120","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2025-04-11T16:02:44.112Z"}}]}}