Palo Alto Networks · GlobalProtect · CVE-2022-0016
**Name of the Vulnerable Software and Affected Versions**
Palo Alto Networks GlobalProtect app versions earlier than 5.2.9
**Description**
An improper handling of exceptional conditions issue exists within the Connect Before Logon feature of the Palo Alto Networks GlobalProtect app. This enables a local attacker to escalate to SYSTEM or root privileges when authenticating with Connect Before Logon under certain circumstances. The issue impacts the GlobalProtect app on Windows and macOS.
**Recommendations**
For GlobalProtect app versions earlier than 5.2.9, update to version 5.2.9 or later to resolve the issue. As a temporary workaround, consider disabling the Connect Before Logon feature until the update is applied. Restrict access to the GlobalProtect app on Windows and macOS to minimize the risk of exploitation.