CVE-2025-0131

Severity CVSS v4.0:

HIGH

Type:

Unavailable / Other

Publication date:

14/05/2025

Last modified:

16/05/2025

Description

An incorrect privilege management vulnerability in the OPSWAT MetaDefender Endpoint Security SDK used by the Palo Alto Networks GlobalProtect™ app on Windows devices allows a locally authenticated non-administrative Windows user to escalate their privileges to NT AUTHORITY\SYSTEM. However, execution requires that the local user also successfully exploits a race condition, which makes this vulnerability difficult to exploit.

Impact

Vector 4.0

CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:H/SI:H/SA:H/AU:N/R:U/V:D/U:Amber CVSS v4.0 Severity and Metrics:

Base Score: 7.10 HIGH
Vector: CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:H/SI:H/SA:H/AU:N/R:U/V:D/U:Amber

Attack Vector (AV): Local
Attack Complexity (AC): Low
Attack Requirements (AT): Present
Privileges Required (PR): Low
User Interaction (UI): None
Confidentiality (VC): None
Integrity (VI): High
Availability (VA): None
Confidentiality (SC): High
Integrity (SI): High
Availability (SA): High
Automatable (AU): No
Recovery (R): User
Value Density (V): Diffuse
Provider Urgency (U): Amber

Base Score 4.0

7.10

Severity 4.0

HIGH

CVE-2025-0131

Description

Impact

References to Advisories, Solutions, and Tools