Palo Alto Networks · Globalprotect Agent · CVE-2020-1988
**Name of the Vulnerable Software and Affected Versions**
Palo Alto Networks GlobalProtect Agent versions prior to 5.0.5
Palo Alto Networks GlobalProtect Agent 4.1 versions prior to 4.1.13 on Windows
**Description**
The issue is related to an unquoted search path vulnerability in the Windows release of Global Protect Agent. This vulnerability allows an authenticated local user with file creation privileges on the root of the OS disk or to the Program Files directory to gain system privileges.
**Recommendations**
For versions prior to 5.0.5, update to version 5.0.5 or later.
For 4.1 versions prior to 4.1.13 on Windows, update to version 4.1.13 or later.