CVE-2025-4227

Name of the Vulnerable Software and Affected Versions Palo Alto Networks GlobalProtect app (affected versions not specified)

Description The issue is related to an improper access control vulnerability in the Endpoint Traffic Policy Enforcement feature. This allows certain packets to remain unencrypted within the tunnel, instead of being properly secured. An attacker with physical access to the network can inject rogue devices to intercept these packets. However, under normal operating conditions, the GlobalProtect app automatically recovers from this interception within one minute.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.