PT-2025-25235 · Palo Alto Networks · Globalprotect
Rutger Flohil · Published 2025-06-11 · Updated 2025-07-08 · CVE-2025-4232
CVSS v3.1: 8.8 (High)
Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
Palo Alto Networks GlobalProtect versions prior to 6.2.8-h2 on macOS
Description
An improper neutralization of wildcards vulnerability in the log collection feature of the Palo Alto Networks GlobalProtect app on macOS allows a non-administrative user to escalate their privileges to root. Public proof-of-concept code exists, so affected systems should be updated now.
Recommendations
For versions prior to 6.2.8-h2 on macOS, update to version 6.2.8-h2 or later to resolve the issue. As a temporary workaround until a patch is applied, consider restricting access to the log collection feature, and avoid using that feature in the GlobalProtect app until the issue is resolved.
Fix
LPE
Improper Neutralization of Wildcards
Weakness Enumeration
Related Identifiers
Affected Products
Globalprotect