Local Auth Priv Esc via GlobalProtect MSI Repair on Windows
CVE-2024-9473 Published on October 9, 2024
GlobalProtect App: Local Privilege Escalation (PE) Vulnerability
A privilege escalation vulnerability in the Palo Alto Networks GlobalProtect app on Windows allows a locally authenticated non-administrative Windows user to escalate their privileges to NT AUTHORITY/SYSTEM through the use of the repair functionality offered by the .msi file used to install GlobalProtect.
Timeline
Initial publication
Weakness Type
Execution with Unnecessary Privileges
The software performs an operation at a privilege level that is higher than the minimum level required, which creates new weaknesses or amplifies the consequences of other weaknesses.
Products Associated with CVE-2024-9473
Want to know whenever a new CVE is published for Palo Alto Networks Globalprotect? stack.watch will email you.
Affected Versions
Palo Alto Networks GlobalProtect App:- Version 5.1 is affected.
- Version 6.0 is affected.
- Version 6.1 is affected.
- Version 6.2.0 and below 6.2.5 is affected.
- Version 6.3 is affected.
- Version 5.1.0 is affected.
- Version 6.0.0 is affected.
- Version 6.1.0 is affected.
- Version 6.3.0 is affected.
- Version 6.2.0 and below 6.2.5 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.