Vulnerabilities > Paloaltonetworks > Globalprotect > 4.1.0

DATE CVE VULNERABILITY TITLE RISK
2023-06-14 CVE-2023-0009 Unspecified vulnerability in Paloaltonetworks Globalprotect
A local privilege escalation (PE) vulnerability in the Palo Alto Networks GlobalProtect app on Windows enables a local user to execute programs with elevated privileges.
local
low complexity
paloaltonetworks
7.8
2020-04-08 CVE-2020-1988 Unquoted Search Path or Element vulnerability in Paloaltonetworks Globalprotect
An unquoted search path vulnerability in the Windows release of Global Protect Agent allows an authenticated local user with file creation privileges on the root of the OS disk (C:\) or to Program Files directory to gain system privileges.
local
low complexity
paloaltonetworks CWE-428
6.7
2019-10-16 CVE-2019-17435 Unspecified vulnerability in Paloaltonetworks Globalprotect
A Local Privilege Escalation vulnerability exists in the GlobalProtect Agent for Windows 5.0.3 and earlier, and GlobalProtect Agent for Windows 4.1.12 and earlier, in which the auto-update feature can allow for modification of a GlobalProtect Agent MSI installer package on disk before installation.
local
low complexity
paloaltonetworks
5.5
2019-04-09 CVE-2019-1573 Missing Encryption of Sensitive Data vulnerability in Paloaltonetworks Globalprotect 4.1.0/4.1.10
GlobalProtect Agent 4.1.0 for Windows and GlobalProtect Agent 4.1.10 and earlier for macOS may allow a local authenticated attacker who has compromised the end-user account and gained the ability to inspect memory, to access authentication and/or session tokens and replay them to spoof the VPN session and gain access as the user.
local
high complexity
paloaltonetworks CWE-311
2.5