Palo Alto GlobalProtect Windows App Local PE
CVE-2023-0009 Published on June 14, 2023
GlobalProtect App: Local Privilege Escalation (PE) Vulnerability
A local privilege escalation (PE) vulnerability in the Palo Alto Networks GlobalProtect app on Windows enables a local user to execute programs with elevated privileges.
Vulnerability Analysis
CVE-2023-0009 can be exploited with local system access and requires a small amount of user privileges. This vulnerability is considered to have a low attack complexity. The potential impact of an exploit of this vulnerability is considered to be very high.
Timeline
Initial publication
47 days later: validated an attack scenario that does not require the Windows user to have special privileges.
Weakness Type
Reliance on Untrusted Inputs in a Security Decision
The application uses a protection mechanism that relies on the existence or values of an input, but the input can be modified by an untrusted actor in a way that bypasses the protection mechanism.
Products Associated with CVE-2023-0009
Affected Versions
Palo Alto Networks GlobalProtect App:
- Version 6.2 is unaffected.
- Version 6.1: releases below 6.1.1 are affected.
- Version 6.0: releases below 6.0.5 are affected.
- Version 5.2: releases below 5.2.13 are affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.