CVE-2024-2431: GlobalProtect App Allows Non-Privileged Disable via Passcode
CVE-2024-2431 Published on March 13, 2024
GlobalProtect App: Local User Can Disable GlobalProtect
An issue in the Palo Alto Networks GlobalProtect app enables a non-privileged user to disable the GlobalProtect app in configurations that allow a user to disable GlobalProtect with a passcode.
Vulnerability Analysis
CVE-2024-2431 can be exploited with local system access, and requires small amount of user privileges. This vulnerability is considered to have a low attack complexity. The potential impact of an exploit of this vulnerability is considered to have no impact on confidentiality and integrity, and a high impact on availability.
Timeline
Initial publication
Weakness Type
Improper Privilege Management
The software does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.
Products Associated with CVE-2024-2431
Want to know whenever a new CVE is published for Palo Alto Networks Globalprotect? stack.watch will email you.
Affected Versions
Palo Alto Networks GlobalProtect App:- Version 6.0 and below 6.0.4 is affected.
- Version 5.1 and below 5.1.12 is affected.
- Version 5.2 and below 5.2.13 is affected.
- Version 6.1 and below 6.1.1 is affected.
- Version 6.2 is unaffected.
- Version 5.1 and below 5.1.12 is affected.
- Version 5.2 and below 5.2.13 is affected.
- Version 6.0.0 and below 6.0.4 is affected.
- Version 6.1.0 and below 6.1.1 is affected.
- Version 6.2.0 is unaffected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.