GlobalProtect App: Buffer Overflow Vulnerability When Connecting to Portal or Gateway

CVE-2021-3057

8.1HIGH

Key Information

Vendor: Palo Alto Networks
Status: Globalprotect App
Vendor: CVE Published:; 13 October 2021

Badges

👾 Exploit Exists

Summary

A stack-based buffer overflow vulnerability exists in the Palo Alto Networks GlobalProtect app that enables a man-in-the-middle attacker to disrupt system processes and potentially execute arbitrary code with SYSTEM privileges. This issue impacts: GlobalProtect app 5.1 versions earlier than GlobalProtect app 5.1.9 on Windows; GlobalProtect app 5.2 versions earlier than GlobalProtect app 5.2.8 on Windows; GlobalProtect app 5.2 versions earlier than GlobalProtect app 5.2.8 on the Universal Windows Platform; GlobalProtect app 5.3 versions earlier than GlobalProtect app 5.3.1 on Linux.

Affected Version(s)

GlobalProtect App < 5.1.9

GlobalProtect App < 5.2.8

GlobalProtect App < 5.3.1

CVSS V3.1

Score:

8.1

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

👾
Exploit exists.
Aug 3, 2024
Initial publication
Oct 13, 2021
Vulnerability published.
Oct 13, 2021
Vulnerability Reserved.
Jan 6, 2021

Collectors

NVD DatabaseMitre Database

Credit

Palo Alto Networks thanks Tomas Rzepka of F-Secure for discovering and reporting this issue.