GlobalProtect App: Improper Certificate Validation Leads to Privilege Escalation

5.3 / 10

MEDIUM

CVSS:4.0/AV:P/AC:L/AT:P/PR:N/UI:P/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/AU:N/R:U/V:D/U:Amber

Description

An insufficient certificate validation issue in the Palo Alto Networks GlobalProtect™ app enables attackers to connect the GlobalProtect app to arbitrary servers. This can enable a local non-administrative operating system user or an attacker on the same subnet to install malicious root certificates on the endpoint and subsequently install malicious software signed by the malicious root certificates on that endpoint.

Basic Information

ID CVE-2025-2183

Source palo_alto

Published Aug 13, 2025 at 17:05

Affected Product

Vendor Palo Alto Networks

Product GlobalProtect App

Version 6.3.0

Affected Versions Palo Alto Networks GlobalProtect App 6.3.0
Palo Alto Networks GlobalProtect App 6.2.0
Palo Alto Networks GlobalProtect App 6.1.0
Palo Alto Networks GlobalProtect App 6.0.0
Palo Alto Networks GlobalProtect App 6.3.0
Palo Alto Networks GlobalProtect App 6.2.0
Palo Alto Networks GlobalProtect App 6.1.0
Palo Alto Networks GlobalProtect App 6.0.0

CWE Classification

CWE-295

References

security.paloaltonetworks.com /CVE-2025-2183

{
    "lastseen": "",
    "description": "An insufficient certificate validation issue in the Palo Alto Networks GlobalProtect\u2122 app enables attackers to connect the GlobalProtect app to arbitrary servers. This can enable a local non-administrative operating system user or an attacker on the same subnet to install malicious root certificates on the endpoint and subsequently install malicious software signed by the malicious root certificates on that endpoint.",
    "published": "2025-08-13T17:05:08.612Z",
    "modified": "2025-08-13T17:05:08.612Z",
    "type": "cve",
    "title": "GlobalProtect App: Improper Certificate Validation Leads to Privilege Escalation",
    "source": "palo_alto",
    "references": "https://security.paloaltonetworks.com/CVE-2025-2183",
    "id": "CVE-2025-2183",
    "bulletinFamily": "",
    "cwe": [
        "CWE-295"
    ],
    "cvelist": null,
    "sourceData": "Palo Alto Networks GlobalProtect App 6.3.0\nPalo Alto Networks GlobalProtect App 6.2.0\nPalo Alto Networks GlobalProtect App 6.1.0\nPalo Alto Networks GlobalProtect App 6.0.0\nPalo Alto Networks GlobalProtect App 6.3.0\nPalo Alto Networks GlobalProtect App 6.2.0\nPalo Alto Networks GlobalProtect App 6.1.0\nPalo Alto Networks GlobalProtect App 6.0.0",
    "sourceHref": "",
    "cvss": {
        "score": 5.3,
        "severity": "MEDIUM",
        "vector": "CVSS:4.0/AV:P/AC:L/AT:P/PR:N/UI:P/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/AU:N/R:U/V:D/U:Amber",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "GlobalProtect App",
    "version": "6.3.0",
    "vendor": "Palo Alto Networks",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

GlobalProtect App: Improper Certificate Validation Leads to Privilege Escalation_CVE-2025-2183