CVE-2021-3038

Summary

A denial-of-service (DoS) vulnerability in Palo Alto Networks GlobalProtect app on Windows systems allows a limited Windows user to send specifically-crafted input to the GlobalProtect app that results in a Windows blue screen of death (BSOD) error. This issue impacts: GlobalProtect app 5.1 versions earlier than GlobalProtect app 5.1.8; GlobalProtect app 5.2 versions earlier than GlobalProtect app 5.2.4.

Affected Software

VendorProductVersion RangeStatus
Palo Alto NetworksGlobalProtect App5.1 < 5.1.8affected
Palo Alto NetworksGlobalProtect App5.2 < 5.2.4affected

Weaknesses

  • CWE-20: CWE-20 Improper Input Validation
  • CWE-248: CWE-248 Uncaught Exception

ADP Enrichment

CVE Program Container

Additional References

References