cvelistv5 - cve-2025-4232

CVE-2025-4232 (GCVE-0-2025-4232)

Vulnerability from cvelistv5

Published

2025-06-12 23:22

Modified

2026-02-26 17:50

Severity ?

8.5 (High) - CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/AU:N/R:U/V:D/RE:M/U:Amber

CWE

CWE-155 - Improper Neutralization of Wildcards or Matching Symbols

Summary

An improper neutralization of wildcards vulnerability in the log collection feature of Palo Alto Networks GlobalProtect™ app on macOS allows a non administrative user to escalate their privileges to root.

References

URL

Tags

https://security.paloaltonetworks.com/CVE-2025-4232

vendor-advisory

Impacted products

Vendor

Product

Version

Palo Alto Networks

GlobalProtect App

Version: 6.3   < 6.3.3
Version: 6.2.0   < 6.2.8-h2
Version: 6.1.0   <
Version: 6.0.0   <
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.2:*:*:*:*:macOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.1:*:*:*:*:macOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.0:*:*:*:*:macOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.7:*:*:*:*:macOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.6:*:*:*:*:macOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.4:*:*:*:*:macOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.3:*:*:*:*:macOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.2:*:*:*:*:macOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.1:*:*:*:*:macOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.0:*:*:*:*:macOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.7:*:*:*:*:macOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.6:*:*:*:*:macOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.5:*:*:*:*:macOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.4:*:*:*:*:macOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.3:*:*:*:*:macOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.2:*:*:*:*:macOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.1:*:*:*:*:macOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.0:*:*:*:*:macOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.11:*:*:*:*:macOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.10:*:*:*:*:macOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.8:*:*:*:*:macOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.7:*:*:*:*:macOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.6:*:*:*:*:macOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.5:*:*:*:*:macOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.4:*:*:*:*:macOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.3:*:*:*:*:macOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.2:*:*:*:*:macOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.1:*:*:*:*:macOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.0:*:*:*:*:macOS:*:*

Palo Alto Networks

GlobalProtect App

Patch: All
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.2:*:*:*:*:Windows:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.2:*:*:*:*:Linux:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.2:*:*:*:*:Android:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.2:*:*:*:*:iOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.2:*:*:*:*:ChromeOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.1:*:*:*:*:Windows:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.1:*:*:*:*:Linux:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.1:*:*:*:*:Android:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.1:*:*:*:*:iOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.1:*:*:*:*:ChromeOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.0:*:*:*:*:Windows:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.0:*:*:*:*:Linux:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.0:*:*:*:*:Android:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.0:*:*:*:*:iOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.0:*:*:*:*:ChromeOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.7:*:*:*:*:Windows:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.7:*:*:*:*:Linux:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.7:*:*:*:*:Android:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.7:*:*:*:*:iOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.7:*:*:*:*:ChromeOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.6:*:*:*:*:Windows:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.6:*:*:*:*:Linux:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.6:*:*:*:*:Android:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.6:*:*:*:*:iOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.6:*:*:*:*:ChromeOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.4:*:*:*:*:Windows:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.4:*:*:*:*:Linux:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.4:*:*:*:*:Android:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.4:*:*:*:*:iOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.4:*:*:*:*:ChromeOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.3:*:*:*:*:Windows:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.3:*:*:*:*:Linux:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.3:*:*:*:*:Android:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.3:*:*:*:*:iOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.3:*:*:*:*:ChromeOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.2:*:*:*:*:Windows:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.2:*:*:*:*:Linux:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.2:*:*:*:*:Android:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.2:*:*:*:*:iOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.2:*:*:*:*:ChromeOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.1:*:*:*:*:Windows:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.1:*:*:*:*:Linux:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.1:*:*:*:*:Android:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.1:*:*:*:*:iOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.1:*:*:*:*:ChromeOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.0:*:*:*:*:Windows:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.0:*:*:*:*:Linux:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.0:*:*:*:*:Android:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.0:*:*:*:*:iOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.0:*:*:*:*:ChromeOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.7:*:*:*:*:Windows:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.7:*:*:*:*:Linux:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.7:*:*:*:*:Android:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.7:*:*:*:*:iOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.7:*:*:*:*:ChromeOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.6:*:*:*:*:Windows:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.6:*:*:*:*:Linux:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.6:*:*:*:*:Android:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.6:*:*:*:*:iOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.6:*:*:*:*:ChromeOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.5:*:*:*:*:Windows:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.5:*:*:*:*:Linux:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.5:*:*:*:*:Android:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.5:*:*:*:*:iOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.5:*:*:*:*:ChromeOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.4:*:*:*:*:Windows:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.4:*:*:*:*:Linux:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.4:*:*:*:*:Android:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.4:*:*:*:*:iOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.4:*:*:*:*:ChromeOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.3:*:*:*:*:Windows:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.3:*:*:*:*:Linux:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.3:*:*:*:*:Android:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.3:*:*:*:*:iOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.3:*:*:*:*:ChromeOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.2:*:*:*:*:Windows:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.2:*:*:*:*:Linux:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.2:*:*:*:*:Android:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.2:*:*:*:*:iOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.2:*:*:*:*:ChromeOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.1:*:*:*:*:Windows:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.1:*:*:*:*:Linux:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.1:*:*:*:*:Android:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.1:*:*:*:*:iOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.1:*:*:*:*:ChromeOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.0:*:*:*:*:Windows:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.0:*:*:*:*:Linux:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.0:*:*:*:*:Android:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.0:*:*:*:*:iOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.0:*:*:*:*:ChromeOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.11:*:*:*:*:Windows:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.11:*:*:*:*:Linux:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.11:*:*:*:*:Android:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.11:*:*:*:*:iOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.11:*:*:*:*:ChromeOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.10:*:*:*:*:Windows:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.10:*:*:*:*:Linux:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.10:*:*:*:*:Android:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.10:*:*:*:*:iOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.10:*:*:*:*:ChromeOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.8:*:*:*:*:Windows:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.8:*:*:*:*:Linux:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.8:*:*:*:*:Android:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.8:*:*:*:*:iOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.8:*:*:*:*:ChromeOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.7:*:*:*:*:Windows:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.7:*:*:*:*:Linux:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.7:*:*:*:*:Android:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.7:*:*:*:*:iOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.7:*:*:*:*:ChromeOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.6:*:*:*:*:Windows:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.6:*:*:*:*:Linux:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.6:*:*:*:*:Android:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.6:*:*:*:*:iOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.6:*:*:*:*:ChromeOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.5:*:*:*:*:Windows:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.5:*:*:*:*:Linux:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.5:*:*:*:*:Android:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.5:*:*:*:*:iOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.5:*:*:*:*:ChromeOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.4:*:*:*:*:Windows:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.4:*:*:*:*:Linux:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.4:*:*:*:*:Android:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.4:*:*:*:*:iOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.4:*:*:*:*:ChromeOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.3:*:*:*:*:Windows:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.3:*:*:*:*:Linux:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.3:*:*:*:*:Android:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.3:*:*:*:*:iOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.3:*:*:*:*:ChromeOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.2:*:*:*:*:Windows:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.2:*:*:*:*:Linux:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.2:*:*:*:*:Android:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.2:*:*:*:*:iOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.2:*:*:*:*:ChromeOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.1:*:*:*:*:Windows:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.1:*:*:*:*:Linux:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.1:*:*:*:*:Android:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.1:*:*:*:*:iOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.1:*:*:*:*:ChromeOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.0:*:*:*:*:Windows:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.0:*:*:*:*:Linux:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.0:*:*:*:*:Android:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.0:*:*:*:*:iOS:*:*
    cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.0:*:*:*:*:ChromeOS:*:*

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-4232",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-06-14T03:56:19.829250Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-02-26T17:50:39.870Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.2:*:*:*:*:macOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.1:*:*:*:*:macOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.0:*:*:*:*:macOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.7:*:*:*:*:macOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.6:*:*:*:*:macOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.4:*:*:*:*:macOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.3:*:*:*:*:macOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.2:*:*:*:*:macOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.1:*:*:*:*:macOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.0:*:*:*:*:macOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.7:*:*:*:*:macOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.6:*:*:*:*:macOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.5:*:*:*:*:macOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.4:*:*:*:*:macOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.3:*:*:*:*:macOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.2:*:*:*:*:macOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.1:*:*:*:*:macOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.0:*:*:*:*:macOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.11:*:*:*:*:macOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.10:*:*:*:*:macOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.8:*:*:*:*:macOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.7:*:*:*:*:macOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.6:*:*:*:*:macOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.5:*:*:*:*:macOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.4:*:*:*:*:macOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.3:*:*:*:*:macOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.2:*:*:*:*:macOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.1:*:*:*:*:macOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.0:*:*:*:*:macOS:*:*"
          ],
          "defaultStatus": "unaffected",
          "platforms": [
            "macOS"
          ],
          "product": "GlobalProtect App",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "changes": [
                {
                  "at": "6.3.3",
                  "status": "unaffected"
                }
              ],
              "lessThan": "6.3.3",
              "status": "affected",
              "version": "6.3",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "6.2.8-h2",
                  "status": "unaffected"
                }
              ],
              "lessThan": "6.2.8-h2",
              "status": "affected",
              "version": "6.2.0",
              "versionType": "custom"
            },
            {
              "status": "affected",
              "version": "6.1.0",
              "versionType": "custom"
            },
            {
              "status": "affected",
              "version": "6.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.2:*:*:*:*:Windows:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.2:*:*:*:*:Linux:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.2:*:*:*:*:Android:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.2:*:*:*:*:iOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.2:*:*:*:*:ChromeOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.1:*:*:*:*:Windows:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.1:*:*:*:*:Linux:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.1:*:*:*:*:Android:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.1:*:*:*:*:iOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.1:*:*:*:*:ChromeOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.0:*:*:*:*:Windows:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.0:*:*:*:*:Linux:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.0:*:*:*:*:Android:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.0:*:*:*:*:iOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.0:*:*:*:*:ChromeOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.7:*:*:*:*:Windows:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.7:*:*:*:*:Linux:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.7:*:*:*:*:Android:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.7:*:*:*:*:iOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.7:*:*:*:*:ChromeOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.6:*:*:*:*:Windows:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.6:*:*:*:*:Linux:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.6:*:*:*:*:Android:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.6:*:*:*:*:iOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.6:*:*:*:*:ChromeOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.4:*:*:*:*:Windows:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.4:*:*:*:*:Linux:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.4:*:*:*:*:Android:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.4:*:*:*:*:iOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.4:*:*:*:*:ChromeOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.3:*:*:*:*:Windows:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.3:*:*:*:*:Linux:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.3:*:*:*:*:Android:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.3:*:*:*:*:iOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.3:*:*:*:*:ChromeOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.2:*:*:*:*:Windows:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.2:*:*:*:*:Linux:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.2:*:*:*:*:Android:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.2:*:*:*:*:iOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.2:*:*:*:*:ChromeOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.1:*:*:*:*:Windows:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.1:*:*:*:*:Linux:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.1:*:*:*:*:Android:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.1:*:*:*:*:iOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.1:*:*:*:*:ChromeOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.0:*:*:*:*:Windows:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.0:*:*:*:*:Linux:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.0:*:*:*:*:Android:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.0:*:*:*:*:iOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.0:*:*:*:*:ChromeOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.7:*:*:*:*:Windows:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.7:*:*:*:*:Linux:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.7:*:*:*:*:Android:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.7:*:*:*:*:iOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.7:*:*:*:*:ChromeOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.6:*:*:*:*:Windows:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.6:*:*:*:*:Linux:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.6:*:*:*:*:Android:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.6:*:*:*:*:iOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.6:*:*:*:*:ChromeOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.5:*:*:*:*:Windows:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.5:*:*:*:*:Linux:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.5:*:*:*:*:Android:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.5:*:*:*:*:iOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.5:*:*:*:*:ChromeOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.4:*:*:*:*:Windows:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.4:*:*:*:*:Linux:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.4:*:*:*:*:Android:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.4:*:*:*:*:iOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.4:*:*:*:*:ChromeOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.3:*:*:*:*:Windows:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.3:*:*:*:*:Linux:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.3:*:*:*:*:Android:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.3:*:*:*:*:iOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.3:*:*:*:*:ChromeOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.2:*:*:*:*:Windows:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.2:*:*:*:*:Linux:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.2:*:*:*:*:Android:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.2:*:*:*:*:iOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.2:*:*:*:*:ChromeOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.1:*:*:*:*:Windows:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.1:*:*:*:*:Linux:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.1:*:*:*:*:Android:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.1:*:*:*:*:iOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.1:*:*:*:*:ChromeOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.0:*:*:*:*:Windows:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.0:*:*:*:*:Linux:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.0:*:*:*:*:Android:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.0:*:*:*:*:iOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.0:*:*:*:*:ChromeOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.11:*:*:*:*:Windows:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.11:*:*:*:*:Linux:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.11:*:*:*:*:Android:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.11:*:*:*:*:iOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.11:*:*:*:*:ChromeOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.10:*:*:*:*:Windows:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.10:*:*:*:*:Linux:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.10:*:*:*:*:Android:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.10:*:*:*:*:iOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.10:*:*:*:*:ChromeOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.8:*:*:*:*:Windows:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.8:*:*:*:*:Linux:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.8:*:*:*:*:Android:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.8:*:*:*:*:iOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.8:*:*:*:*:ChromeOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.7:*:*:*:*:Windows:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.7:*:*:*:*:Linux:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.7:*:*:*:*:Android:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.7:*:*:*:*:iOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.7:*:*:*:*:ChromeOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.6:*:*:*:*:Windows:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.6:*:*:*:*:Linux:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.6:*:*:*:*:Android:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.6:*:*:*:*:iOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.6:*:*:*:*:ChromeOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.5:*:*:*:*:Windows:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.5:*:*:*:*:Linux:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.5:*:*:*:*:Android:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.5:*:*:*:*:iOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.5:*:*:*:*:ChromeOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.4:*:*:*:*:Windows:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.4:*:*:*:*:Linux:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.4:*:*:*:*:Android:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.4:*:*:*:*:iOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.4:*:*:*:*:ChromeOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.3:*:*:*:*:Windows:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.3:*:*:*:*:Linux:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.3:*:*:*:*:Android:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.3:*:*:*:*:iOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.3:*:*:*:*:ChromeOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.2:*:*:*:*:Windows:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.2:*:*:*:*:Linux:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.2:*:*:*:*:Android:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.2:*:*:*:*:iOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.2:*:*:*:*:ChromeOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.1:*:*:*:*:Windows:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.1:*:*:*:*:Linux:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.1:*:*:*:*:Android:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.1:*:*:*:*:iOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.1:*:*:*:*:ChromeOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.0:*:*:*:*:Windows:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.0:*:*:*:*:Linux:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.0:*:*:*:*:Android:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.0:*:*:*:*:iOS:*:*",
            "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.0:*:*:*:*:ChromeOS:*:*"
          ],
          "defaultStatus": "unaffected",
          "platforms": [
            "Windows",
            "Linux",
            "Android",
            "iOS",
            "Chrome OS"
          ],
          "product": "GlobalProtect App",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "All",
              "versionType": "custom"
            }
          ]
        }
      ],
      "configurations": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cspan\u003eNo special configuration is required to be affected by this issue.\u003c/span\u003e"
            }
          ],
          "value": "No special configuration is required to be affected by this issue."
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Rutger Flohil"
        }
      ],
      "datePublic": "2025-06-11T16:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eAn improper neutralization of wildcards vulnerability in the log collection feature of Palo Alto Networks GlobalProtect\u2122 app on macOS allows a non administrative user to escalate their privileges to root.\u003c/p\u003e"
            }
          ],
          "value": "An improper neutralization of wildcards vulnerability in the log collection feature of Palo Alto Networks GlobalProtect\u2122 app on macOS allows a non administrative user to escalate their privileges to root."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
            }
          ],
          "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-248",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-248 Command Injection"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NO",
            "Recovery": "USER",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "LOCAL",
            "baseScore": 8.5,
            "baseSeverity": "HIGH",
            "privilegesRequired": "LOW",
            "providerUrgency": "AMBER",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "DIFFUSE",
            "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/AU:N/R:U/V:D/RE:M/U:Amber",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "HIGH",
            "vulnerabilityResponseEffort": "MODERATE"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-155",
              "description": "CWE-155: Improper Neutralization of Wildcards or Matching Symbols",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-06-12T23:22:34.993Z",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://security.paloaltonetworks.com/CVE-2025-4232"
        }
      ],
      "solutions": [
        {
          "lang": "eng",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003ctable class=\"tbl\"\u003e\u003cthead\u003e\u003ctr\u003e\u003cth\u003eVersion\u003cbr\u003e\u003c/th\u003e\u003cth\u003eMinor Version\u003cbr\u003e\u003c/th\u003e\u003cth\u003eSuggested Solution\u003cbr\u003e\u003c/th\u003e\u003c/tr\u003e\u003c/thead\u003e\u003ctbody\u003e\u003ctr\u003e\n                                    \u003ctd\u003eGlobalProtect App 6.3 on macOS\u003cbr\u003e\u003c/td\u003e\n                                    \u003ctd\u003e6.3.0 through 6.3.2\u003c/td\u003e\n                                    \u003ctd\u003eUpgrade to 6.3.3 or later.\u003c/td\u003e\n                                \u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eGlobalProtect App 6.2 on macOS\u003c/td\u003e\u003ctd\u003e6.2.0 through 6.2.8-h2\u003c/td\u003e\u003ctd\u003eUpgrade to 6.2.8-h2 [ETA June 2025] or\u0026nbsp;6.3.3 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eGlobalProtect App 6.1 on macOS\u003c/td\u003e\u003ctd\u003e\u003c/td\u003e\u003ctd\u003eUpgrade to 6.2.8-h2 [ETA June 2025] or 6.3.3 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eGlobalProtect App 6.0 on macOS\u003c/td\u003e\u003ctd\u003e\u003c/td\u003e\u003ctd\u003eUpgrade to 6.2.8-h2 [ETA June 2025] or 6.3.3 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eGlobalProtect App on Windows\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e\u003c/td\u003e\u003ctd\u003eNo action needed.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eGlobalProtect App on Linux\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e\u003c/td\u003e\u003ctd\u003eNo action needed.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eGlobalProtect App on Android\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e\u003c/td\u003e\u003ctd\u003eNo action needed.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eGlobalProtect App on iOS\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e\u003c/td\u003e\u003ctd\u003eNo action needed.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eGlobalProtect App on Chrome OS\u003c/td\u003e\u003ctd\u003e\u0026nbsp;\u003c/td\u003e\u003ctd\u003eNo action needed.\u0026nbsp;\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e"
            }
          ],
          "value": "Version\nMinor Version\nSuggested Solution\n\n                                    GlobalProtect App 6.3 on macOS\n\n                                    6.3.0 through 6.3.2\n                                    Upgrade to 6.3.3 or later.\n                                GlobalProtect App 6.2 on macOS6.2.0 through 6.2.8-h2Upgrade to 6.2.8-h2 [ETA June 2025] or\u00a06.3.3 or later.GlobalProtect App 6.1 on macOSUpgrade to 6.2.8-h2 [ETA June 2025] or 6.3.3 or later.GlobalProtect App 6.0 on macOSUpgrade to 6.2.8-h2 [ETA June 2025] or 6.3.3 or later.GlobalProtect App on Windows\nNo action needed.GlobalProtect App on Linux\nNo action needed.GlobalProtect App on Android\nNo action needed.GlobalProtect App on iOS\nNo action needed.GlobalProtect App on Chrome OS\u00a0No action needed."
        }
      ],
      "source": {
        "defect": [
          "GPC-21969"
        ],
        "discovery": "EXTERNAL"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2025-06-11T16:00:00.000Z",
          "value": "Initial Publication"
        }
      ],
      "title": "GlobalProtect: Authenticated Code Injection Through Wildcard on macOS",
      "workarounds": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cspan\u003eNo workaround or mitigation is available.\u003c/span\u003e"
            }
          ],
          "value": "No workaround or mitigation is available."
        }
      ],
      "x_affectedList": [
        "GlobalProtect App 6.3.2",
        "GlobalProtect App 6.3.1",
        "GlobalProtect App 6.3.0",
        "GlobalProtect App 6.3",
        "GlobalProtect App 6.2.7",
        "GlobalProtect App 6.2.6",
        "GlobalProtect App 6.2.4",
        "GlobalProtect App 6.2.3",
        "GlobalProtect App 6.2.2",
        "GlobalProtect App 6.2.1",
        "GlobalProtect App 6.2.0",
        "GlobalProtect App 6.2",
        "GlobalProtect App 6.1.7",
        "GlobalProtect App 6.1.6",
        "GlobalProtect App 6.1.5",
        "GlobalProtect App 6.1.4",
        "GlobalProtect App 6.1.3",
        "GlobalProtect App 6.1.2",
        "GlobalProtect App 6.1.1",
        "GlobalProtect App 6.1.0",
        "GlobalProtect App 6.1",
        "GlobalProtect App 6.0.11",
        "GlobalProtect App 6.0.10",
        "GlobalProtect App 6.0.8",
        "GlobalProtect App 6.0.7",
        "GlobalProtect App 6.0.6",
        "GlobalProtect App 6.0.5",
        "GlobalProtect App 6.0.4",
        "GlobalProtect App 6.0.3",
        "GlobalProtect App 6.0.2",
        "GlobalProtect App 6.0.1",
        "GlobalProtect App 6.0.0",
        "GlobalProtect App 6.0"
      ],
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2025-4232",
    "datePublished": "2025-06-12T23:22:34.993Z",
    "dateReserved": "2025-05-02T19:10:45.457Z",
    "dateUpdated": "2026-02-26T17:50:39.870Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CERTFR-2025-AVI-0505

Vulnerability from certfr_avis

De multiples vulnérabilités ont été découvertes dans les produits Palo Alto Networks. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges et un contournement de la politique de sécurité.

Palo Alto Networks a connaissance d'une preuve de concept pour la vulnérabilité CVE-2025-4232.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Les versions correctives 10.1.14-h16 et 11.2.7 pour la vulnérabilité CVE-2025-4229 affectant respectivement PAN-OS versions 10.1.x et 11.2.x sont prévues pour juillet 2025 et juin 2025. Les versions correctives 6.2.8-h2 et 6.3.3-h1 pour la vulnérabilité CVE-2025-4227 affectant respectivement GlobalProtect App versions 6.2.x et 6.3.x sont prévues pour juin 2025.

Impacted products

Vendor	Product	Description
Palo Alto Networks	PAN-OS	PAN-OS toutes versions à 10.1.x
Palo Alto Networks	GlobalProtect App	GlobalProtect App versions 6.2.x antérieures à 6.2.8-HF
Palo Alto Networks	Prisma Access Browser	Prisma Access Browser versions antérieures à 137.16.2.69
Palo Alto Networks	PAN-OS	PAN-OS versions 11.1.x antérieures à 11.1.10
Palo Alto Networks	GlobalProtect App	GlobalProtect App versions 6.2.x antérieures à 6.2.8-h2
Palo Alto Networks	GlobalProtect App	GlobalProtect App toutes version 6.0.x
Palo Alto Networks	Cortex XDR Broker	Cortex XDR Broker VM versions antérieures à 27.0.26
Palo Alto Networks	PAN-OS	PAN-OS versions 10.2.x antérieures à 10.2.17
Palo Alto Networks	PAN-OS	PAN-OS versions 11.0.x antérieures à 11.0.3
Palo Alto Networks	GlobalProtect App	GlobalProtect App versions 6.3.x antérieures à 6.3.3-h1
Palo Alto Networks	GlobalProtect App	GlobalProtect App toutes versions 6.1.x
Palo Alto Networks	PAN-OS	PAN-OS versions 11.2.x antérieures à 11.2.7

References

Title

Publication Time

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted