← back
CVE-2025-2183

GlobalProtect App: Improper Certificate Validation Leads to Privilege Escalation

CVSS 5.3 MEDIUMEPSS 0.1%CWE-295
An insufficient certificate validation issue in the Palo Alto Networks GlobalProtect™ app enables attackers to connect the GlobalProtect app to arbitrary servers. This can enable a local non-administrative operating system user or an attacker on the same subnet to install malicious root certificates on the endpoint and subsequently install malicious software signed by the malicious root certificates on that endpoint.
CVSS:4.0/AV:P/AC:L/AT:P/PR:N/UI:P/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/AU:N/R:U/V:D/U:Amber
Affected products
Palo Alto Networks · GlobalProtect AppPalo Alto Networks · Global Protect UWP App

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://security.paloaltonetworks.com/CVE-2025-2183