Globalprotect Uwp App
Approved changes feed: RSS · Atom
cpe:2.3:a:palo_alto_networks:globalprotect_uwp_app:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Palo Alto Networks (b3fb2ed8-9543-594b-b76a-18c6d89c012d) |
|---|---|
| Product | Globalprotect Uwp App (2e84290e-c563-53ae-baec-c4a132a17bfa) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2026-0250 |
vulnerable | 2026-06-03 15:14:40.977642 |
GlobalProtect App: Buffer Overflow Vulnerability during connection to Portal or Gateway
A buffer overflow vulnerability exists in the Palo Alto Networks GlobalProtect™ app that enables a man in the middle attacker to disrupt system processes and potentially execute arbitrary code with SYSTEM privileges. This vulnerability is triggered during the processing of requests and responses exchanged between Portal and Gateway.
The GlobalProtect app on iOS is not affected.
Published: 2026-05-13T18:26:51.927Z
Updated: 2026-05-14T03:56:37.034Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-2179 |
not_vulnerable | 2026-06-03 15:00:16.347818 |
GlobalProtect App: Non Admin User Can Disable the GlobalProtect App
An incorrect privilege assignment vulnerability in the Palo Alto Networks GlobalProtect™ App on Linux devices enables a locally authenticated non administrative user to disable the app even if the GlobalProtect app configuration would not normally permit them to do so.
The GlobalProtect app on Windows, macOS, iOS, Android, Chrome OS and GlobalProtect UWP app are not affected.
Published: 2025-07-29T17:15:08.461Z
Updated: 2025-07-29T17:37:23.305Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-0141 |
not_vulnerable | 2026-06-03 14:58:23.774367 |
GlobalProtect App: Privilege Escalation (PE) Vulnerability
An incorrect privilege assignment vulnerability in the Palo Alto Networks GlobalProtect™ App on enables a locally authenticated non administrative user to escalate their privileges to root on macOS and Linux or NT AUTHORITY\SYSTEM on Windows.
The GlobalProtect app on iOS, Android, Chrome OS and GlobalProtect UWP app are not affected.
Published: 2025-07-09T22:58:54.755Z
Updated: 2026-02-26T17:50:50.211Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-0140 |
not_vulnerable | 2026-06-03 14:58:23.752850 |
GlobalProtect App: Non Admin User Can Disable the GlobalProtect App
An incorrect privilege assignment vulnerability in the Palo Alto Networks GlobalProtect™ App on macOS devices enables a locally authenticated non administrative user to disable the app even if the GlobalProtect app configuration would not normally permit them to do so.
The GlobalProtect app on Windows, Linux, iOS, Android, Chrome OS and GlobalProtect UWP app are not affected.
Published: 2025-07-09T22:58:28.536Z
Updated: 2025-07-30T18:02:00.810Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-0135 |
not_vulnerable | 2026-06-03 14:58:23.684157 |
GlobalProtect App on macOS: Non Admin User Can Disable the GlobalProtect App
An incorrect privilege assignment vulnerability in the Palo Alto Networks GlobalProtect™ App on macOS devices enables a locally authenticated non administrative user to disable the app.
The GlobalProtect app on Windows, Linux, iOS, Android, Chrome OS and GlobalProtect UWP app are not affected.
Published: 2025-05-14T18:08:32.924Z
Updated: 2025-05-14T20:50:20.200Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-0120 |
not_vulnerable | 2026-06-03 14:58:23.514732 |
GlobalProtect App: Local Privilege Escalation (PE) Vulnerability
A vulnerability with a privilege management mechanism in the Palo Alto Networks GlobalProtect™ app on Windows devices allows a locally authenticated non-administrative Windows user to escalate their privileges to NT AUTHORITY\SYSTEM. However, execution requires that the local user can also successfully exploit a race condition, which makes this vulnerability difficult to exploit.
Published: 2025-04-11T01:44:48.253Z
Updated: 2025-05-02T19:08:27.987Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-0118 |
not_vulnerable | 2026-06-03 14:58:23.508962 |
GlobalProtect App: Execution of Unsafe ActiveX Control Vulnerability
A vulnerability in the Palo Alto Networks GlobalProtect app on Windows allows a remote attacker to run ActiveX controls within the context of an authenticated Windows user. This enables the attacker to run commands as if they are a legitimate authenticated user. However, to exploit this vulnerability, the authenticated user must navigate to a malicious page during the GlobalProtect SAML login process on a Windows device.
This issue does not apply to the GlobalProtect app on other (non-Windows) platforms.
Published: 2025-03-12T18:36:44.290Z
Updated: 2025-03-12T18:52:08.115Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-0117 |
not_vulnerable | 2026-06-03 14:58:23.506991 |
GlobalProtect App: Local Privilege Escalation (PE) Vulnerability
A reliance on untrusted input for a security decision in the GlobalProtect app on Windows devices potentially enables a locally authenticated non-administrative Windows user to escalate their privileges to NT AUTHORITY\SYSTEM.
GlobalProtect App on macOS, Linux, iOS, Android, Chrome OS and GlobalProtect UWP App are not affected.
Published: 2025-03-12T18:35:35.409Z
Updated: 2026-02-26T19:09:35.030Z Reference links |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.