Privilege escalation vulnerability in GlobalProtect AgentID: oval:org.secpod.oval:def:83773 | Date: (C)2022-09-08 (M)2023-04-21 |
Class: VULNERABILITY | Family: windows |
The host is installed with GlobalProtect App 5.2 before 5.2.9 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle an issue in the Connect Before Logon feature. Successful exploitation allows attackers to escalate SYSTEM or root privileges when authenticating with Connect Before Logon under certain circumstances.
Platform: |
Microsoft Windows 7 |
Microsoft Windows 8.1 |
Microsoft Windows 10 |
Microsoft Windows Server 2008 |
Microsoft Windows Server 2008 R2 |
Microsoft Windows Server 2012 |
Microsoft Windows Server |
Microsoft Windows 11 |
Microsoft Windows Server 2022 |
Microsoft Windows Server 2012 R2 |
Microsoft Windows Server 2016 |
Microsoft Windows Server 2019 |
Product: |
GlobalProtect Agent |