CVE-2025-2183

GlobalProtect App: Improper Certificate Validation Leads to Privilege Escalation

CVSS 5.3 MEDIUMEPSS 0.1%CWE-295

Vexday Risk Score

13Bajo

Decisión SSVC (CISA)

Track

Sin señal de explotación → monitorear

CVSS 5.3EPSS 0.1%KEV nãoPoC —Nuclei —Metasploit —Patch referenciado

Ciclo de vida

13 ago 2025Publicada en NVD

Recomendación: Monitorear — sin señal de explotación por ahora.

An insufficient certificate validation issue in the Palo Alto Networks GlobalProtect™ app enables attackers to connect the GlobalProtect app to arbitrary servers. This can enable a local non-administrative operating system user or an attacker on the same subnet to install malicious root certificates on the endpoint and subsequently install malicious software signed by the malicious root certificates on that endpoint.

CVSS:4.0/AV:P/AC:L/AT:P/PR:N/UI:P/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/AU:N/R:U/V:D/U:Amber

Productos afectados

Palo Alto Networks · GlobalProtect App Palo Alto Networks · Global Protect UWP App

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://security.paloaltonetworks.com/CVE-2025-2183