GlobalProtect App: Certificate Validation Bypass Vulnerabilities_CVE-2026-0249

4.9 / 10

MEDIUM

CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/AU:N/R:U/V:D/RE:M/U:Amber

Description

Multiple improper certificate validation vulnerabilities in the Palo Alto Networks GlobalProtect™ app enables an attacker to intercept encrypted communications and potentially compromise the endpoint. This can enable a local non-administrative operating system user or an attacker on the same subnet to redirect traffic to an unauthorized server and facilitate the installation of malicious software.

The GlobalProtect app on Linux, Windows, iOS and GlobalProtect UWP app are not affected.

Basic Information

ID CVE-2026-0249

Source palo_alto

Published May 13, 2026 at 18:32

Modified May 13, 2026 at 19:31

Affected Product

Vendor Palo Alto Networks

Product GlobalProtect App

Version 6.3.0

Affected Versions Palo Alto Networks GlobalProtect App 6.3.0
Palo Alto Networks GlobalProtect App 6.2.0
Palo Alto Networks GlobalProtect App 6.1.0
Palo Alto Networks GlobalProtect App 6.0.0
Palo Alto Networks GlobalProtect App 6.0.0

CWE Classification

CWE-295

References

security.paloaltonetworks.com /CVE-2026-0249

{
    "lastseen": "",
    "description": "Multiple improper certificate validation vulnerabilities in the Palo Alto Networks GlobalProtect\u2122 app enables an attacker to intercept encrypted communications and potentially compromise the endpoint. This can enable a local non-administrative operating system user or an attacker on the same subnet to redirect traffic to an unauthorized server and facilitate the installation of malicious software.\n\nThe GlobalProtect app on Linux, Windows, iOS and GlobalProtect UWP app are not affected.",
    "published": "2026-05-13T18:32:12.091Z",
    "modified": "2026-05-13T19:31:30.865Z",
    "type": "cve",
    "title": "GlobalProtect App: Certificate Validation Bypass Vulnerabilities",
    "source": "palo_alto",
    "references": "https://security.paloaltonetworks.com/CVE-2026-0249",
    "id": "CVE-2026-0249",
    "bulletinFamily": "",
    "cwe": [
        "CWE-295"
    ],
    "cvelist": null,
    "sourceData": "Palo Alto Networks GlobalProtect App 6.3.0\nPalo Alto Networks GlobalProtect App 6.2.0\nPalo Alto Networks GlobalProtect App 6.1.0\nPalo Alto Networks GlobalProtect App 6.0.0\nPalo Alto Networks GlobalProtect App 6.0.0",
    "sourceHref": "",
    "cvss": {
        "score": 4.9,
        "severity": "MEDIUM",
        "vector": "CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/AU:N/R:U/V:D/RE:M/U:Amber",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "GlobalProtect App",
    "version": "6.3.0",
    "vendor": "Palo Alto Networks",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}