CVE-2025-0141

Severity CVSS v4.0:
HIGH
Type:
CWE-426 Untrusted Search Path
Publication date:
09/07/2025
Last modified:
10/07/2025

Description

An incorrect privilege assignment vulnerability in the Palo Alto Networks GlobalProtect™ App on enables a locally authenticated non administrative user to escalate their privileges to root on macOS and Linux or NT AUTHORITY\SYSTEM on Windows.<br /> <br /> The GlobalProtect app on iOS, Android, Chrome OS and GlobalProtect UWP app are not affected.

References to Advisories, Solutions, and Tools