PT-2024-7800 · Microsoft+1 · Windows+1
Marc Barrantes
+1
·
Published
2024-10-03
·
Updated
2024-10-17
·
CVE-2024-9473
CVSS v3.1
7.8
High
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Palo Alto Networks GlobalProtect App versions prior to 6.2.5
Description
A privilege escalation issue in the Palo Alto Networks GlobalProtect app on Windows allows a locally authenticated non-administrative Windows user to escalate their privileges to NT AUTHORITY/SYSTEM through the use of the repair functionality offered by the .msi file used to install GlobalProtect.
Recommendations
Update to version 6.2.5 to resolve the issue.
As a temporary workaround, consider disabling the repair functionality offered by the .msi file used to install GlobalProtect until a patch is available.
Restrict access to the .msi file used to install GlobalProtect to minimize the risk of exploitation.
Exploit
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Palo Alto Networks Globalprotect
Windows