PT-2019-4015 · Palo Alto Networks · Globalprotect Agent For Windows

Hanno Heinrichs · Published 2019-10-15 · Updated 2023-03-23 · CVE-2019-17435

CVSS v3.1

5.5 Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

Name of the Vulnerable Software and Affected Versions

GlobalProtect Agent for Windows versions 5.0.3 and earlier
GlobalProtect Agent for Windows versions 4.1.12 and earlier

Description

A Local Privilege Escalation issue exists in the auto-update feature of the GlobalProtect Agent for Windows, where an attacker can modify the GlobalProtect Agent MSI installer package on disk before installation due to insufficient access control. This can allow an attacker to elevate their privileges by loading a modified MSI package installer onto the disk before the application installation process.

Recommendations

For GlobalProtect Agent for Windows versions 5.0.3 and earlier, update to a version later than 5.0.3 to resolve the issue. For GlobalProtect Agent for Windows versions 4.1.12 and earlier, update to a version later than 4.1.12 to resolve the issue. As a temporary workaround, consider restricting access to the auto-update feature until a patch is available.

Fix

Improper Privilege Management

Weakness Enumeration

Related Identifiers

BDU:2019-04546
CVE-2019-17435

Affected Products

Globalprotect Agent For Windows