A Local Privilege Escalation vulnerability exists in the GlobalProtect Agent for Windows auto-update feature that can allow for modification of a GlobalProtect Agent MSI installer package on disk before installation. Successful exploitation of this issue may allow a low-privileged local user to escalate their privileges to the System user.
Tag: Palo Alto Networks
ASA-2019-00581 – Palo Alto Networks GlobalProtect Agent: Non-root users are able to overwrite root files on the file system
A Local Privilege Escalation vulnerability exists in GlobalProtect Agent for Linux and Mac OSX that can allow non-root users to overwrite root files on the file system. Successful exploitation of this issue may allow a low-privileged local user to escalate their privileges on the system.
ASA-2019-00460 – Palo Alto GlobalProtect Portal/Gateway Interface: Unauthenticated remote code execution due to format string vulnerability
There's an unauthenticated remote code execution (RCE) vulnerability in Palo Alto Networks GlobalProtect Portal and GlobalProtect Gateway interface products. The vulnerability is a format string issue during parameter extraction when connecting to /sslmgr.