Insufficient Certificate Validation in Palo Alto Networks GlobalProtect App
CVE-2025-2183

5.3MEDIUM

Key Information:

Vendor: Palo Alto Networks
Status: Globalprotect App; Global Protect UWP App
Vendor: CVE Published:; 13 August 2025

🔔 Create Palo Alto Networks Vulnerability Alert

Badges

👾 Exploit Exists

What is CVE-2025-2183?

The vulnerability in the Palo Alto Networks GlobalProtect app arises from insufficient certificate validation, allowing attackers to connect the app to unauthorized servers. This risk primarily affects local non-administrative users or any attacker sharing the same network segment, enabling the potential installation of malicious root certificates on compromised endpoints. If successfully exploited, this could lead to the installation of malicious software signed by these root certificates, thereby jeopardizing the security and integrity of the affected systems.

Affected Version(s)

GlobalProtect App Linux 6.3.0 < 6.3.3

GlobalProtect App Linux 6.2.0 < 11.1.10

GlobalProtect App Linux 6.1.0

References

https://security.paloaltonetworks.com/CVE-2025-2183

vendor-advisory

CVSS V4

Score:

5.3

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

None

Attack Vector:

Physical

Attack Complexity:

Low

Attack Required:

Physical

Privileges Required:

Undefined

User Interaction:

Unknown

Download the Critical Vulnerability Management Cheat Sheet

Timeline

👾
Exploit known to exist
Aug 13, 2025
Vulnerability published
Aug 13, 2025
Vulnerability Reserved
Mar 10, 2025

Credit

Nikola Markovic of Palo Alto Networks

Maxime Escorbiac of Michelin CERT