CVE-2025-0117

Severity CVSS v4.0:
HIGH
Type:
Unavailable / Other
Publication date:
12/03/2025
Last modified:
12/03/2025

Description

A reliance on untrusted input for a security decision in the GlobalProtect app on Windows devices potentially enables a locally authenticated non-administrative Windows user to escalate their privileges to NT AUTHORITY\SYSTEM.<br /> <br /> GlobalProtect App on macOS, Linux, iOS, Android, Chrome OS and GlobalProtect UWP App are not affected.

References to Advisories, Solutions, and Tools