Incorrect Privilege Assignment in Palo Alto Networks GlobalProtect App on macOS
CVE-2025-0135

5.2MEDIUM

Key Information:

Vendor: Palo Alto Networks
Status: Globalprotect App; Globalprotect UWP App
Vendor: CVE Published:; 14 May 2025

🔔 Create Palo Alto Networks Vulnerability Alert

Badges

👾 Exploit Exists

What is CVE-2025-0135?

A privilege assignment vulnerability in the Palo Alto Networks GlobalProtect App for macOS allows a locally authenticated non-administrative user to disable the application. This can lead to potential security risks for the network, as it permits users unauthorized control over the app's functionality. Other platforms, including Windows, Linux, iOS, Android, Chrome OS, and the GlobalProtect UWP app, remain unaffected. It's crucial for users to remain vigilant and implement necessary security measures to protect their systems.

Affected Version(s)

GlobalProtect App macOS 6.3.0 < 6.3.3

GlobalProtect App macOS 6.2.0 < 6.2.8

GlobalProtect App macOS 6.1.0

References

https://security.paloaltonetworks.com/CVE-2025-0135

vendor-advisory

CVSS V4

Score:

5.2

Severity:

MEDIUM

Confidentiality:

None

Integrity:

Low

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

Unknown

Download the Critical Vulnerability Management Cheat Sheet

Timeline

👾
Exploit known to exist
May 14, 2025
Vulnerability published
May 14, 2025
Vulnerability Reserved
Dec 20, 2024

Credit

Alex Bourla ([email protected])

Graham Brereton ([email protected])