Security Advisory

CVE-2025-0117

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-03-12 18:35:35

Last updated 2026-02-26 19:09:35

Assigner palo_alto

State PUBLISHED

Description

A reliance on untrusted input for a security decision in the GlobalProtect app on Windows devices potentially enables a locally authenticated non-administrative Windows user to escalate their privileges to NT AUTHORITYSYSTEM. GlobalProtect App on macOS, Linux, iOS, Android, Chrome OS and GlobalProtect UWP App are not affected.

← Browse all CVEs View on cve.org ↗