Paloaltonetworks Globalprotect — known CVE vulnerabilities
Every CVE whose affected-product data names Paloaltonetworks Globalprotect, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (35)
CVE-2025-4232 — CVSS 8.8 (high): An improper neutralization of wildcards vulnerability in the log collection feature of Palo Alto Networks GlobalProtect™ app on macOS…
CVE-2024-5921 — CVSS 8.8 (high): An insufficient certification validation issue in the Palo Alto Networks GlobalProtect app enables attackers to connect the GlobalProtect…
CVE-2021-3057 — CVSS 8.1 (high): A stack-based buffer overflow vulnerability exists in the Palo Alto Networks GlobalProtect app that enables a man-in-the-middle attacker to…
CVE-2025-0118 — CVSS 8.0 (high): A vulnerability in the Palo Alto Networks GlobalProtect app on Windows allows a remote attacker to run ActiveX controls within the context…
CVE-2024-9473 — CVSS 7.8 (high): A privilege escalation vulnerability in the Palo Alto Networks GlobalProtect app on Windows allows a locally authenticated…
CVE-2024-5915 — CVSS 7.8 (high): A privilege escalation (PE) vulnerability in the Palo Alto Networks GlobalProtect app on Windows devices enables a local user to execute…
CVE-2023-0009 — CVSS 7.8 (high): A local privilege escalation (PE) vulnerability in the Palo Alto Networks GlobalProtect app on Windows enables a local user to execute…
CVE-2024-3661 — CVSS 7.6 (high): DHCP can add routes to a client’s routing table via the classless static route option (121). VPN-based security solutions that rely on…
CVE-2024-5908 — CVSS 7.5 (high): A problem with the Palo Alto Networks GlobalProtect app can result in exposure of encrypted user credentials, used for connecting to…
CVE-2022-0016 — CVSS 7.4 (high): An improper handling of exceptional conditions vulnerability exists within the Connect Before Logon feature of the Palo Alto Networks…
CVE-2024-8687 — CVSS 7.1 (high): An information exposure vulnerability exists in Palo Alto Networks PAN-OS software that enables a GlobalProtect end user to learn both the…
CVE-2019-17436 — CVSS 7.1 (high): A Local Privilege Escalation vulnerability exists in GlobalProtect Agent for Linux and Mac OS X version 5.0.4 and earlier and version…
CVE-2020-2032 — CVSS 7.0 (high): A race condition vulnerability Palo Alto Networks GlobalProtect app on Windows allows a local limited Windows user to execute programs with…
CVE-2025-0120 — CVSS 7.0 (high): A vulnerability with a privilege management mechanism in the Palo Alto Networks GlobalProtect™ app on Windows devices allows a locally…
CVE-2020-1989 — CVSS 7.0 (high): An incorrect privilege assignment vulnerability when writing application-specific files in the Palo Alto Networks Global Protect Agent for…
CVE-2022-0017 — CVSS 7.0 (high): An improper link resolution before file access ('link following') vulnerability exists in the Palo Alto Networks GlobalProtect app on…
CVE-2020-2004 — CVSS 6.8 (medium): Under certain circumstances a user's password may be logged in cleartext in the PanGPS.log diagnostic file when logs are collected for…
CVE-2017-15870 — CVSS 6.7 (medium): Palo Alto Networks GlobalProtect Agent before 4.0.3 allows attackers with administration rights on the local station to gain SYSTEM…
CVE-2023-0006 — CVSS 6.3 (medium): A local file deletion vulnerability in the Palo Alto Networks GlobalProtect app on Windows devices enables a user to delete system files…
CVE-2022-0018 — CVSS 6.1 (medium): An information exposure vulnerability exists in the Palo Alto Networks GlobalProtect app on Windows and MacOS where the credentials of the…
CVE-2012-6606 — CVSS 5.8 (medium): Palo Alto Networks GlobalProtect before 1.1.7, and NetConnect, does not verify X.509 certificates from SSL servers, which allows…
CVE-2026-0267 — CVSS 5.5 (medium): An information exposure vulnerability in the Palo Alto Networks GlobalProtect app on macOS enables a local user to learn the configured…
CVE-2019-17435 — CVSS 5.5 (medium): A Local Privilege Escalation vulnerability exists in the GlobalProtect Agent for Windows 5.0.3 and earlier, and GlobalProtect Agent for…
CVE-2021-3038 — CVSS 5.5 (medium): A denial-of-service (DoS) vulnerability in Palo Alto Networks GlobalProtect app on Windows systems allows a limited Windows user to send…
CVE-2024-2431 — CVSS 5.5 (medium): An issue in the Palo Alto Networks GlobalProtect app enables a non-privileged user to disable the GlobalProtect app in configurations that…
CVE-2020-2033 — CVSS 5.3 (medium): When the pre-logon feature is enabled, a missing certification validation in Palo Alto Networks GlobalProtect app can disclose the…
CVE-2020-1976 — CVSS 4.7 (medium): A denial-of-service (DoS) vulnerability in Palo Alto Networks GlobalProtect software running on Mac OS allows authenticated local users to…
CVE-2022-0019 — CVSS 4.7 (medium): An insufficiently protected credentials vulnerability exists in the Palo Alto Networks GlobalProtect app on Linux that exposes the hashed…
CVE-2024-2432 — CVSS 4.5 (medium): A privilege escalation (PE) vulnerability in the Palo Alto Networks GlobalProtect app on Windows devices enables a local user to execute…
CVE-2020-1988 — CVSS 4.2 (medium): An unquoted search path vulnerability in the Windows release of Global Protect Agent allows an authenticated local user with file creation…
CVE-2020-1987 — CVSS 3.9 (low): An information exposure vulnerability in the logging component of Palo Alto Networks Global Protect Agent allows a local authenticated user…
CVE-2025-4227 — CVSS 3.5 (low): An improper access control vulnerability in the Endpoint Traffic Policy Enforcement https://docs.paloaltonetworks.com/globalprotect/6-0/glob…
CVE-2025-0135 — CVSS 3.3 (low): An incorrect privilege assignment vulnerability in the Palo Alto Networks GlobalProtect™ App on macOS devices enables a locally…
CVE-2022-0021 — CVSS 3.3 (low): An information exposure through log file vulnerability exists in the Palo Alto Networks GlobalProtect app on Windows that logs the…
CVE-2019-1573 — CVSS 2.5 (low): GlobalProtect Agent 4.1.0 for Windows and GlobalProtect Agent 4.1.10 and earlier for macOS may allow a local authenticated attacker who has…