Allele Security Alert
ASA-2019-00581
Identifier(s)
ASA-2019-00581, CVE-2019-17436, PAN-SA-2019-0037
Title
Non-root users are able to overwrite root files on the file system
Vendor(s)
Palo Alto Networks
Product(s)
GlobalProtect Agent
Affected version(s)
GlobalProtect Agent for Linux and Mac OS X before version 5.0.5
GlobalProtect Agent for Linux and Mac OS X before version 4.1.13
Fixed version(s)
GlobalProtect Agent for Linux and Mac OS X version 5.0.5
GlobalProtect Agent for Linux and Mac OS X version 4.1.13
Proof of concept
Unknown
Description
A Local Privilege Escalation vulnerability exists in GlobalProtect Agent for Linux and Mac OSX that can allow non-root users to overwrite root files on the file system. Successful exploitation of this issue may allow a low-privileged local user to escalate their privileges on the system.
Technical details
Unknown
Credits
Hanno Heinrichs (CrowdStrike)
Reference(s)
Local Privilege Escalation in GlobalProtect Agent for Linux and Mac OS
https://securityadvisories.paloaltonetworks.com/Home/Detail/200
Palo Alto Networks Security Advisories: 15-October-2019
https://live.paloaltonetworks.com/t5/PSIRT-Articles/Palo-Alto-Networks-Security-Advisories-15-October-2019/ta-p/293088
CVE-2019-17436
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17436
CVE-2019-17436
https://nvd.nist.gov/vuln/detail/CVE-2019-17436
If there is any error in this alert or you wish a comprehensive analysis, let us know.
Last modified: October 23, 2019