CVE-2025-0120

Name of the Vulnerable Software and Affected Versions: Palo Alto Networks GlobalProtect app versions prior to 6.2.7-h3 Palo Alto Networks GlobalProtect app versions prior to 6.2.8 Palo Alto Networks GlobalProtect app version 6.3.0

Description: A vulnerability with a privilege management mechanism in the Palo Alto Networks GlobalProtect app on Windows devices allows a locally authenticated non-administrative Windows user to escalate their privileges to NT AUTHORITYSYSTEM. However, execution requires that the local user can also successfully exploit a race condition, which makes this vulnerability difficult to exploit.

Recommendations: For versions prior to 6.2.7-h3, update to version 6.2.7-h3 or later. For versions prior to 6.2.8, update to version 6.2.8 or later. For version 6.3.0, consider disabling the vulnerable privilege management mechanism until a patch is available.