{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-0135", "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0", "state": "PUBLISHED", "assignerShortName": "palo_alto", "dateReserved": "2024-12-20T23:24:28.176Z", "datePublished": "2025-05-14T18:08:32.924Z", "dateUpdated": "2025-05-14T20:50:20.200Z"}, "containers": {"cna": {"affected": [{"cpes": ["cpe:2.3:a:paloaltonetworks:globalprotect_app:6.3.2:-:*:*:*:*:*:*", "cpe:2.3:a:paloaltonetworks:globalprotect_app:6.3.1:-:*:*:*:*:*:*", "cpe:2.3:a:paloaltonetworks:globalprotect_app:6.3.0:-:*:*:*:*:*:*", "cpe:2.3:a:paloaltonetworks:globalprotect_app:6.2.4:-:*:*:*:*:*:*", "cpe:2.3:a:paloaltonetworks:globalprotect_app:6.2.3:-:*:*:*:*:*:*", "cpe:2.3:a:paloaltonetworks:globalprotect_app:6.2.2:-:*:*:*:*:*:*", "cpe:2.3:a:paloaltonetworks:globalprotect_app:6.2.1:-:*:*:*:*:*:*", "cpe:2.3:a:paloaltonetworks:globalprotect_app:6.2.0:-:*:*:*:*:*:*"], "defaultStatus": "unaffected", "platforms": ["macOS"], "product": "GlobalProtect App", "vendor": "Palo Alto Networks", "versions": [{"changes": [{"at": "6.3.3", "status": "unaffected"}], "lessThan": "6.3.3", "status": "affected", "version": "6.3.0", "versionType": "custom"}, {"changes": [{"at": "6.2.8", "status": "unaffected"}], "lessThan": "6.2.8", "status": "affected", "version": "6.2.0", "versionType": "custom"}, {"status": "affected", "version": "6.1.0", "versionType": "custom"}, {"status": "affected", "version": "6.0.0", "versionType": "custom"}]}, {"cpes": ["cpe:2.3:a:paloaltonetworks:globalprotect_app:6.3.2:-:*:*:*:*:*:*", "cpe:2.3:a:paloaltonetworks:globalprotect_app:6.3.1:-:*:*:*:*:*:*", "cpe:2.3:a:paloaltonetworks:globalprotect_app:6.3.0:-:*:*:*:*:*:*", "cpe:2.3:a:paloaltonetworks:globalprotect_app:6.2.4:-:*:*:*:*:*:*", "cpe:2.3:a:paloaltonetworks:globalprotect_app:6.2.3:-:*:*:*:*:*:*", "cpe:2.3:a:paloaltonetworks:globalprotect_app:6.2.2:-:*:*:*:*:*:*", "cpe:2.3:a:paloaltonetworks:globalprotect_app:6.2.1:-:*:*:*:*:*:*", "cpe:2.3:a:paloaltonetworks:globalprotect_app:6.2.0:-:*:*:*:*:*:*"], "defaultStatus": "unaffected", "platforms": ["Android", "Chrome OS", "iOS", "Windows", "Linux"], "product": "GlobalProtect App", "vendor": "Palo Alto Networks", "versions": [{"status": "unaffected", "version": "All", "versionType": "custom"}]}, {"defaultStatus": "unaffected", "product": "GlobalProtect UWP App", "vendor": "Palo Alto Networks", "versions": [{"status": "unaffected", "version": "All", "versionType": "custom"}]}], "configurations": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "No special configuration is required to be vulnerable to this issue."}], "value": "No special configuration is required to be vulnerable to this issue."}], "credits": [{"lang": "en", "type": "finder", "value": "Alex Bourla ([email protected])"}, {"lang": "en", "type": "finder", "value": "Graham Brereton ([email protected])"}], "datePublic": "2025-05-14T16:00:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "An incorrect privilege assignment vulnerability in the Palo Alto Networks GlobalProtect\u2122 App on macOS devices enables a locally authenticated non administrative user to disable the app.<br><br>The GlobalProtect app on Windows, Linux, iOS, Android, Chrome OS and GlobalProtect UWP app are not affected."}], "value": "An incorrect privilege assignment vulnerability in the Palo Alto Networks GlobalProtect\u2122 App on macOS devices enables a locally authenticated non administrative user to disable the app.\n\nThe GlobalProtect app on Windows, Linux, iOS, Android, Chrome OS and GlobalProtect UWP app are not affected."}], "exploits": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."}], "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."}], "impacts": [{"capecId": "CAPEC-578", "descriptions": [{"lang": "en", "value": "CAPEC-578 Disable Security Software"}]}], "metrics": [{"cvssV4_0": {"Automatable": "NO", "Recovery": "USER", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "LOCAL", "baseScore": 5.2, "baseSeverity": "MEDIUM", "privilegesRequired": "LOW", "providerUrgency": "AMBER", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "PASSIVE", "valueDensity": "DIFFUSE", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N/AU:N/R:U/V:D/RE:M/U:Amber", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "LOW", "vulnerabilityResponseEffort": "MODERATE"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-266", "description": "CWE-266: Incorrect Privilege Assignment", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0", "shortName": "palo_alto", "dateUpdated": "2025-05-14T18:08:32.924Z"}, "references": [{"tags": ["vendor-advisory"], "url": "https://security.paloaltonetworks.com/CVE-2025-0135"}], "solutions": [{"lang": "eng", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<table><thead><tr><th>Version<br></th><th>Suggested Solution<br></th></tr></thead><tbody><tr><td>GlobalProtect App 6.3 on macOS<br></td><td>Upgrade to 6.3.3 or later<br></td></tr><tr><td>GlobalProtect App 6.2 on macOS<br></td><td>Upgrade to 6.2.8 or later<br></td></tr><tr><td>GlobalProtect App 6.1 on macOS<br></td><td>Upgrade to 6.2.8 or later or 6.3.3 or later<br></td></tr><tr><td>GlobalProtect App 6.0 on macOS<br></td><td>Upgrade to 6.2.8 or later or 6.3.3 or later<br></td></tr><tr><td>GlobalProtect App on Linux</td><td>Not Applicable</td></tr><tr><td>GlobalProtect App on Windows</td><td>Not Applicable</td></tr><tr><td>GlobalProtect App on iOS</td><td>Not Applicable</td></tr><tr><td>GlobalProtect App on Android</td><td>Not Applicable</td></tr><tr><td>GlobalProtect UWP App</td><td>Not Applicable</td></tr></tbody></table><p><br></p>"}], "value": "Version\nSuggested Solution\nGlobalProtect App 6.3 on macOS\nUpgrade to 6.3.3 or later\nGlobalProtect App 6.2 on macOS\nUpgrade to 6.2.8 or later\nGlobalProtect App 6.1 on macOS\nUpgrade to 6.2.8 or later or 6.3.3 or later\nGlobalProtect App 6.0 on macOS\nUpgrade to 6.2.8 or later or 6.3.3 or later\nGlobalProtect App on LinuxNot ApplicableGlobalProtect App on WindowsNot ApplicableGlobalProtect App on iOSNot ApplicableGlobalProtect App on AndroidNot ApplicableGlobalProtect UWP AppNot Applicable"}], "source": {"defect": ["GPC-21582"], "discovery": "EXTERNAL"}, "timeline": [{"lang": "en", "time": "2025-05-14T16:00:00.000Z", "value": "Initial Publication"}], "title": "GlobalProtect App on macOS: Non Admin User Can Disable the GlobalProtect App", "workarounds": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "No workaround or mitigation is available."}], "value": "No workaround or mitigation is available."}], "x_affectedList": ["GlobalProtect App 6.3.2", "GlobalProtect App 6.3.1", "GlobalProtect App 6.3.0", "GlobalProtect App 6.3", "GlobalProtect App 6.2.4", "GlobalProtect App 6.2.3", "GlobalProtect App 6.2.2", "GlobalProtect App 6.2.1", "GlobalProtect App 6.2.0", "GlobalProtect App 6.2"], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-05-14T20:50:14.792647Z", "id": "CVE-2025-0135", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-05-14T20:50:20.200Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-0135", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-05-14T20:50:14.792647Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-05-14T20:50:17.392Z"}}], "cna": {"title": "GlobalProtect App on macOS: Non Admin User Can Disable the GlobalProtect App", "source": {"defect": ["GPC-21582"], "discovery": "EXTERNAL"}, "credits": [{"lang": "en", "type": "finder", "value": "Alex Bourla ([email protected])"}, {"lang": "en", "type": "finder", "value": "Graham Brereton ([email protected])"}], "impacts": [{"capecId": "CAPEC-578", "descriptions": [{"lang": "en", "value": "CAPEC-578 Disable Security Software"}]}], "metrics": [{"format": "CVSS", "cvssV4_0": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "USER", "baseScore": 5.2, "Automatable": "NO", "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "valueDensity": "DIFFUSE", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N/AU:N/R:U/V:D/RE:M/U:Amber", "providerUrgency": "AMBER", "userInteraction": "PASSIVE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "LOW", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "LOW", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "NONE", "vulnerabilityResponseEffort": "MODERATE"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"cpes": ["cpe:2.3:a:paloaltonetworks:globalprotect_app:6.3.2:-:*:*:*:*:*:*", "cpe:2.3:a:paloaltonetworks:globalprotect_app:6.3.1:-:*:*:*:*:*:*", "cpe:2.3:a:paloaltonetworks:globalprotect_app:6.3.0:-:*:*:*:*:*:*", "cpe:2.3:a:paloaltonetworks:globalprotect_app:6.2.4:-:*:*:*:*:*:*", "cpe:2.3:a:paloaltonetworks:globalprotect_app:6.2.3:-:*:*:*:*:*:*", "cpe:2.3:a:paloaltonetworks:globalprotect_app:6.2.2:-:*:*:*:*:*:*", "cpe:2.3:a:paloaltonetworks:globalprotect_app:6.2.1:-:*:*:*:*:*:*", "cpe:2.3:a:paloaltonetworks:globalprotect_app:6.2.0:-:*:*:*:*:*:*"], "vendor": "Palo Alto Networks", "product": "GlobalProtect App", "versions": [{"status": "affected", "changes": [{"at": "6.3.3", "status": "unaffected"}], "version": "6.3.0", "lessThan": "6.3.3", "versionType": "custom"}, {"status": "affected", "changes": [{"at": "6.2.8", "status": "unaffected"}], "version": "6.2.0", "lessThan": "6.2.8", "versionType": "custom"}, {"status": "affected", "version": "6.1.0", "versionType": "custom"}, {"status": "affected", "version": "6.0.0", "versionType": "custom"}], "platforms": ["macOS"], "defaultStatus": "unaffected"}, {"cpes": ["cpe:2.3:a:paloaltonetworks:globalprotect_app:6.3.2:-:*:*:*:*:*:*", "cpe:2.3:a:paloaltonetworks:globalprotect_app:6.3.1:-:*:*:*:*:*:*", "cpe:2.3:a:paloaltonetworks:globalprotect_app:6.3.0:-:*:*:*:*:*:*", "cpe:2.3:a:paloaltonetworks:globalprotect_app:6.2.4:-:*:*:*:*:*:*", "cpe:2.3:a:paloaltonetworks:globalprotect_app:6.2.3:-:*:*:*:*:*:*", "cpe:2.3:a:paloaltonetworks:globalprotect_app:6.2.2:-:*:*:*:*:*:*", "cpe:2.3:a:paloaltonetworks:globalprotect_app:6.2.1:-:*:*:*:*:*:*", "cpe:2.3:a:paloaltonetworks:globalprotect_app:6.2.0:-:*:*:*:*:*:*"], "vendor": "Palo Alto Networks", "product": "GlobalProtect App", "versions": [{"status": "unaffected", "version": "All", "versionType": "custom"}], "platforms": ["Android", "Chrome OS", "iOS", "Windows", "Linux"], "defaultStatus": "unaffected"}, {"vendor": "Palo Alto Networks", "product": "GlobalProtect UWP App", "versions": [{"status": "unaffected", "version": "All", "versionType": "custom"}], "defaultStatus": "unaffected"}], "exploits": [{"lang": "en", "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue.", "supportingMedia": [{"type": "text/html", "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue.", "base64": false}]}], "timeline": [{"lang": "en", "time": "2025-05-14T16:00:00.000Z", "value": "Initial Publication"}], "solutions": [{"lang": "eng", "value": "Version\nSuggested Solution\nGlobalProtect App 6.3 on macOS\nUpgrade to 6.3.3 or later\nGlobalProtect App 6.2 on macOS\nUpgrade to 6.2.8 or later\nGlobalProtect App 6.1 on macOS\nUpgrade to 6.2.8 or later or 6.3.3 or later\nGlobalProtect App 6.0 on macOS\nUpgrade to 6.2.8 or later or 6.3.3 or later\nGlobalProtect App on LinuxNot ApplicableGlobalProtect App on WindowsNot ApplicableGlobalProtect App on iOSNot ApplicableGlobalProtect App on AndroidNot ApplicableGlobalProtect UWP AppNot Applicable", "supportingMedia": [{"type": "text/html", "value": "<table><thead><tr><th>Version<br></th><th>Suggested Solution<br></th></tr></thead><tbody><tr><td>GlobalProtect App 6.3 on macOS<br></td><td>Upgrade to 6.3.3 or later<br></td></tr><tr><td>GlobalProtect App 6.2 on macOS<br></td><td>Upgrade to 6.2.8 or later<br></td></tr><tr><td>GlobalProtect App 6.1 on macOS<br></td><td>Upgrade to 6.2.8 or later or 6.3.3 or later<br></td></tr><tr><td>GlobalProtect App 6.0 on macOS<br></td><td>Upgrade to 6.2.8 or later or 6.3.3 or later<br></td></tr><tr><td>GlobalProtect App on Linux</td><td>Not Applicable</td></tr><tr><td>GlobalProtect App on Windows</td><td>Not Applicable</td></tr><tr><td>GlobalProtect App on iOS</td><td>Not Applicable</td></tr><tr><td>GlobalProtect App on Android</td><td>Not Applicable</td></tr><tr><td>GlobalProtect UWP App</td><td>Not Applicable</td></tr></tbody></table><p><br></p>", "base64": false}]}], "datePublic": "2025-05-14T16:00:00.000Z", "references": [{"url": "https://security.paloaltonetworks.com/CVE-2025-0135", "tags": ["vendor-advisory"]}], "workarounds": [{"lang": "en", "value": "No workaround or mitigation is available.", "supportingMedia": [{"type": "text/html", "value": "No workaround or mitigation is available.", "base64": false}]}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}, "descriptions": [{"lang": "en", "value": "An incorrect privilege assignment vulnerability in the Palo Alto Networks GlobalProtect\u2122 App on macOS devices enables a locally authenticated non administrative user to disable the app.\n\nThe GlobalProtect app on Windows, Linux, iOS, Android, Chrome OS and GlobalProtect UWP app are not affected.", "supportingMedia": [{"type": "text/html", "value": "An incorrect privilege assignment vulnerability in the Palo Alto Networks GlobalProtect\u2122 App on macOS devices enables a locally authenticated non administrative user to disable the app.<br><br>The GlobalProtect app on Windows, Linux, iOS, Android, Chrome OS and GlobalProtect UWP app are not affected.", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-266", "description": "CWE-266: Incorrect Privilege Assignment"}]}], "configurations": [{"lang": "en", "value": "No special configuration is required to be vulnerable to this issue.", "supportingMedia": [{"type": "text/html", "value": "No special configuration is required to be vulnerable to this issue.", "base64": false}]}], "x_affectedList": ["GlobalProtect App 6.3.2", "GlobalProtect App 6.3.1", "GlobalProtect App 6.3.0", "GlobalProtect App 6.3", "GlobalProtect App 6.2.4", "GlobalProtect App 6.2.3", "GlobalProtect App 6.2.2", "GlobalProtect App 6.2.1", "GlobalProtect App 6.2.0", "GlobalProtect App 6.2"], "providerMetadata": {"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0", "shortName": "palo_alto", "dateUpdated": "2025-05-14T18:08:32.924Z"}}}, "cveMetadata": {"cveId": "CVE-2025-0135", "state": "PUBLISHED", "dateUpdated": "2025-05-14T20:50:20.200Z", "dateReserved": "2024-12-20T23:24:28.176Z", "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0", "datePublished": "2025-05-14T18:08:32.924Z", "assignerShortName": "palo_alto"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "An incorrect privilege assignment vulnerability in the Palo Alto Networks GlobalProtect\u2122 App on macOS devices enables a locally authenticated non administrative user to disable the app.\n\nThe GlobalProtect app on Windows, Linux, iOS, Android, Chrome OS and GlobalProtect UWP app are not affected."}], "id": "CVE-2025-0135", "lastModified": "2025-05-14T19:15:51.817", "metrics": {"cvssMetricV40": [{"cvssData": {"Automatable": "NO", "Recovery": "USER", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "LOCAL", "availabilityRequirement": "NOT_DEFINED", "baseScore": 5.2, "baseSeverity": "MEDIUM", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "LOW", "providerUrgency": "AMBER", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "PASSIVE", "valueDensity": "DIFFUSE", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:U/V:D/RE:M/U:Amber", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "LOW", "vulnerabilityResponseEffort": "MODERATE"}, "source": "[email protected]", "type": "Secondary"}]}, "published": "2025-05-14T19:15:51.817", "references": [{"source": "[email protected]", "url": "https://security.paloaltonetworks.com/CVE-2025-0135"}], "sourceIdentifier": "[email protected]", "vulnStatus": "Received", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-266"}], "source": "[email protected]", "type": "Secondary"}]}

{}