Privilege Escalation Vulnerability in Palo Alto Networks GlobalProtect App
CVE-2025-0141

8.4HIGH

Key Information:

Vendor: Palo Alto Networks
Status: Globalprotect App; Globalprotect UWP App
Vendor: CVE Published:; 9 July 2025

🔔 Create Palo Alto Networks Vulnerability Alert

Badges

👾 Exploit Exists

What is CVE-2025-0141?

A privilege escalation issue has been identified in the Palo Alto Networks GlobalProtect App, allowing a locally authenticated non-administrative user to gain root access on macOS and Linux systems, or NT AUTHORITY SYSTEM on Windows. This vulnerability does not impact the GlobalProtect app functioning on iOS, Android, and Chrome OS. Prompt updates and remediation actions are recommended to mitigate the risks associated with this vulnerability.

Affected Version(s)

GlobalProtect App Linux 6.2.0 < 6.2.8

GlobalProtect App Linux 6.1.0

GlobalProtect App Linux 6.0.0

References

https://security.paloaltonetworks.com/CVE-2025-0141

vendor-advisory

CVSS V4

Score:

8.4

Severity:

HIGH

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

👾
Exploit known to exist
Jul 9, 2025
Vulnerability published
Jul 9, 2025
Vulnerability Reserved
Dec 20, 2024

Credit

Alex Bourla

Graham Brereton ([email protected])