PT-2020-3035 · Apple+1 · Apple Macos+1

Published

2020-02-12

Updated

2020-05-04

CVE-2020-1976

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Palo Alto Networks GlobalProtect versions 5.0.5 and earlier

Description A denial-of-service issue allows authenticated local users to cause the Mac OS kernel to hang or crash due to insufficient input validation. This can be exploited by an attacker to disrupt the system.

Recommendations For GlobalProtect versions 5.0.5 and earlier, update to a version later than 5.0.5 to resolve the issue. As a temporary workaround, consider restricting access to the GlobalProtect software to minimize the risk of exploitation.

Fix

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-642CWE-20

Related Identifiers

BDU:2020-03299

CVE-2020-1976

Affected Products

Globalprotect

Apple Macos

PT-2020-3035 · Apple+1 · Apple Macos+1

CVE-2020-1976

Weakness Enumeration

Related Identifiers

Affected Products

References · 5