CVE-2025-4232

Summary

An improper neutralization of wildcards vulnerability in the log collection feature of Palo Alto Networks GlobalProtect™ app on macOS allows a non administrative user to escalate their privileges to root.

Affected Software

VendorProductVersion RangeStatus
Palo Alto NetworksGlobalProtect App6.3 < 6.3.3affected
Palo Alto NetworksGlobalProtect App6.2.0 < 6.2.8-h2affected
Palo Alto NetworksGlobalProtect App6.1.0affected
Palo Alto NetworksGlobalProtect App6.0.0affected
Palo Alto NetworksGlobalProtect AppAllunaffected

Weaknesses

  • CWE-155: CWE-155: Improper Neutralization of Wildcards or Matching Symbols

Workarounds

No workaround or mitigation is available.

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References