Palo Alto Networks · Globalprotect · CVE-2025-0126
Name of the Vulnerable Software and Affected Versions:
GlobalProtect versions (affected versions not specified)
Description:
A session fixation issue in the GlobalProtect login, when configured using SAML, allows an attacker to impersonate a legitimate authorized user. This requires the legitimate user to first click on a malicious link provided by the attacker. The SAML login for the PAN-OS management interface is not affected. Additionally, this issue does not affect Cloud NGFW and all Prisma Access instances.
Recommendations:
At the moment, there is no information about a newer version that contains a fix for this vulnerability.