The host is installed with GlobalProtect Agent 5.0.x before 5.0.5 or 4.1.x before 4.1.13 and is prone to an unquoted search path or element vulnerability. A flaw is present in the application, which fails to properly handle an issue in unspecified vectors. On successful exploitation, allows an authenticated local user with file creation privileges on the root of the OS disk (C:\) or to Program Files directory to gain system privileges.