CVE-2025-0141
Severity CVSS v4.0:
HIGH
Type:
CWE-426
Untrusted Search Path
Publication date:
09/07/2025
Last modified:
10/07/2025
Description
An incorrect privilege assignment vulnerability in the Palo Alto Networks GlobalProtect™ App on enables a locally authenticated non administrative user to escalate their privileges to root on macOS and Linux or NT AUTHORITY\SYSTEM on Windows.<br />
<br />
The GlobalProtect app on iOS, Android, Chrome OS and GlobalProtect UWP app are not affected.