CVE-2024-9473

Summary

A privilege escalation vulnerability in the Palo Alto Networks GlobalProtect app on Windows allows a locally authenticated non-administrative Windows user to escalate their privileges to NT AUTHORITY/SYSTEM through the use of the repair functionality offered by the .msi file used to install GlobalProtect.

Affected Software

VendorProductVersion RangeStatus
Palo Alto NetworksGlobalProtect App5.1affected
Palo Alto NetworksGlobalProtect App6.0affected
Palo Alto NetworksGlobalProtect App6.1affected
Palo Alto NetworksGlobalProtect App6.2.0 < 6.2.5affected
Palo Alto NetworksGlobalProtect App6.3affected

Weaknesses

  • CWE-250: CWE-250 Execution with Unnecessary Privileges

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: poc
    • Automatable: no
    • Technical Impact: total

CVE Program Container

Additional References

References