CVE-2024-9473

Published: Oct 9, 2024Modified: Nov 21, 2024

5.2

Vector

CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:N/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:U/V:C/RE:M/U:Amber

Show more

CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:N/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:U/V:C/RE:M/U:AmberShow less

Source: psirt@paloaltonetworks.com (Secondary)

Description

A privilege escalation vulnerability in the Palo Alto Networks GlobalProtect app on Windows allows a locally authenticated non-administrative Windows user to escalate their privileges to NT AUTHORITY/SYSTEM through the use of the repair functionality offered by the .msi file used to install GlobalProtect.

Affected (3)

Products: Paloaltonetworks: Globalprotect

Paloaltonetworks

1 product

Configuration A

3 vulnerable

Vulnerable Software	Affected Versions
Paloaltonetworks Globalprotect	From 5.1 to 6.2.5
Paloaltonetworks Globalprotect	Version 6.3.0
Paloaltonetworks Globalprotect	Version 6.3.1

Related CWEs

Execution with Unnecessary Privileges

The product performs an operation at a privilege level that is higher than the minimum level required, which creates new weaknesses or amplifies the consequences of other weaknesses.

References (3)

https://sec-consult.com/vulnerability-lab/advisory/local-privilege-escalation-via-msi-installer-in-palo-alto-networks-globalprotect/

Source: psirt@paloaltonetworks.com

https://security.paloaltonetworks.com/CVE-2024-9473

Source: psirt@paloaltonetworks.com

Vendor Advisory

http://seclists.org/fulldisclosure/2024/Oct/2

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.