Allele Security Alert
ASA-2019-00582
Identifier(s)
ASA-2019-00582, CVE-2019-17435, PAN-SA-2019-0036
Title
Local Privilege Escalation vulnerability
Vendor(s)
Palo Alto Networks
Product(s)
GlobalProtect Agent
Affected version(s)
GlobalProtect Agent for Windows before version 5.0.4
GlobalProtect Agent for Windows before version 4.1.13
Fixed version(s)
GlobalProtect Agent for Windows version 5.0.4
GlobalProtect Agent for Windows version 4.1.13
Proof of concept
Unknown
Description
A Local Privilege Escalation vulnerability exists in the GlobalProtect Agent for Windows auto-update feature that can allow for modification of a GlobalProtect Agent MSI installer package on disk before installation. Successful exploitation of this issue may allow a low-privileged local user to escalate their privileges to the System user.
Technical details
Unknown
Credits
Hanno Heinrichs (CrowdStrike)
Reference(s)
Local Privilege Escalation in GlobalProtect Agent for Windows
https://securityadvisories.paloaltonetworks.com/Home/Detail/197
Palo Alto Networks Security Advisories: 15-October-2019
https://live.paloaltonetworks.com/t5/PSIRT-Articles/Palo-Alto-Networks-Security-Advisories-15-October-2019/ta-p/293088
CVE-2019-17435
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17435
CVE-2019-17435
https://nvd.nist.gov/vuln/detail/CVE-2019-17435
If there is any error in this alert or you wish a comprehensive analysis, let us know.
Last modified: October 23, 2019