CVE-2025-0117
Severity CVSS v4.0:
HIGH
Type:
Unavailable / Other
Publication date:
12/03/2025
Last modified:
12/03/2025
Description
A reliance on untrusted input for a security decision in the GlobalProtect app on Windows devices potentially enables a locally authenticated non-administrative Windows user to escalate their privileges to NT AUTHORITY\SYSTEM.<br />
<br />
GlobalProtect App on macOS, Linux, iOS, Android, Chrome OS and GlobalProtect UWP App are not affected.