Vulnerabilities > Paloaltonetworks > Globalprotect
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-10-16 | CVE-2019-17435 | Unspecified vulnerability in Paloaltonetworks Globalprotect A Local Privilege Escalation vulnerability exists in the GlobalProtect Agent for Windows 5.0.3 and earlier, and GlobalProtect Agent for Windows 4.1.12 and earlier, in which the auto-update feature can allow for modification of a GlobalProtect Agent MSI installer package on disk before installation. | 5.5 |
| 2019-04-09 | CVE-2019-1573 | Missing Encryption of Sensitive Data vulnerability in Paloaltonetworks Globalprotect 4.1.0/4.1.10 GlobalProtect Agent 4.1.0 for Windows and GlobalProtect Agent 4.1.10 and earlier for macOS may allow a local authenticated attacker who has compromised the end-user account and gained the ability to inspect memory, to access authentication and/or session tokens and replay them to spoof the VPN session and gain access as the user. | 2.5 |
| 2017-12-11 | CVE-2017-15870 | Unspecified vulnerability in Paloaltonetworks Globalprotect 4.0.2 Palo Alto Networks GlobalProtect Agent before 4.0.3 allows attackers with administration rights on the local station to gain SYSTEM privileges via vectors involving "image path execution hijacking." | 6.7 |