{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-0140", "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0", "state": "PUBLISHED", "assignerShortName": "palo_alto", "dateReserved": "2024-12-20T23:24:43.326Z", "datePublished": "2025-07-09T22:58:28.536Z", "dateUpdated": "2025-07-30T18:02:00.810Z"}, "containers": {"cna": {"affected": [{"cpes": ["cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.2:*:*:*:*:macOS:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.1:*:*:*:*:macOS:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.0:*:*:*:*:macOS:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.7:*:*:*:*:macOS:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.6:*:*:*:*:macOS:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.4:*:*:*:*:macOS:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.3:*:*:*:*:macOS:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.2:*:*:*:*:macOS:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.1:*:*:*:*:macOS:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.0:*:*:*:*:macOS:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.7:*:*:*:*:macOS:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.6:*:*:*:*:macOS:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.5:*:*:*:*:macOS:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.4:*:*:*:*:macOS:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.3:*:*:*:*:macOS:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.2:*:*:*:*:macOS:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.1:*:*:*:*:macOS:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.0:*:*:*:*:macOS:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.11:*:*:*:*:macOS:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.10:*:*:*:*:macOS:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.8:*:*:*:*:macOS:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.7:*:*:*:*:macOS:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.6:*:*:*:*:macOS:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.5:*:*:*:*:macOS:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.4:*:*:*:*:macOS:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.3:*:*:*:*:macOS:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.2:*:*:*:*:macOS:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.1:*:*:*:*:macOS:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.0:*:*:*:*:macOS:*:*"], "defaultStatus": "unaffected", "platforms": ["macOS"], "product": "GlobalProtect App", "vendor": "Palo Alto Networks", "versions": [{"changes": [{"at": "6.3.3-h1 (6.3.3-c650)", "status": "unaffected"}], "lessThan": "6.3.3-h1 (6.3.3-c650)", "status": "affected", "version": "6.3.0", "versionType": "custom"}, {"changes": [{"at": "6.2.8-h2 (6.2.8-c243)", "status": "unaffected"}], "lessThan": "6.2.8-h2 (6.2.8-c243)", "status": "affected", "version": "6.2.0", "versionType": "custom"}, {"status": "affected", "version": "6.1.0", "versionType": "custom"}, {"status": "affected", "version": "6.0.0", "versionType": "custom"}]}, {"defaultStatus": "unaffected", "platforms": ["Android", "Chrome OS", "iOS", "Windows", "Linux"], "product": "GlobalProtect App", "vendor": "Palo Alto Networks", "versions": [{"status": "unaffected", "version": "All", "versionType": "custom"}]}, {"defaultStatus": "unaffected", "product": "GlobalProtect UWP App", "vendor": "Palo Alto Networks", "versions": [{"status": "unaffected", "version": "All", "versionType": "custom"}]}], "configurations": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "No special configuration is required to be vulnerable to this issue."}], "value": "No special configuration is required to be vulnerable to this issue."}], "credits": [{"lang": "en", "type": "finder", "value": "Alex Bourla"}, {"lang": "en", "type": "finder", "value": "Graham Brereton ([email protected])"}], "datePublic": "2025-07-09T16:00:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "An incorrect privilege assignment vulnerability in the Palo Alto Networks GlobalProtect\u2122 App on macOS devices enables a locally authenticated non administrative user to disable the app even if the GlobalProtect app configuration would not normally permit them to do so.<br><br>The GlobalProtect app on Windows, Linux, iOS, Android, Chrome OS and GlobalProtect UWP app are not affected."}], "value": "An incorrect privilege assignment vulnerability in the Palo Alto Networks GlobalProtect\u2122 App on macOS devices enables a locally authenticated non administrative user to disable the app even if the GlobalProtect app configuration would not normally permit them to do so.\n\nThe GlobalProtect app on Windows, Linux, iOS, Android, Chrome OS and GlobalProtect UWP app are not affected."}], "exploits": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."}], "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."}], "impacts": [{"capecId": "CAPEC-578", "descriptions": [{"lang": "en", "value": "CAPEC-578 Disable Security Software"}]}], "metrics": [{"cvssV4_0": {"Automatable": "NO", "Recovery": "USER", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "LOCAL", "baseScore": 6.8, "baseSeverity": "MEDIUM", "privilegesRequired": "LOW", "providerUrgency": "AMBER", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "DIFFUSE", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/AU:N/R:U/V:D/RE:M/U:Amber", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "MODERATE"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-266", "description": "CWE-266: Incorrect Privilege Assignment", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0", "shortName": "palo_alto", "dateUpdated": "2025-07-30T18:02:00.810Z"}, "references": [{"tags": ["vendor-advisory"], "url": "https://security.paloaltonetworks.com/CVE-2025-0140"}], "solutions": [{"lang": "eng", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<table><thead><tr><th>Version<br></th><th>Minor Version<br></th><th>Suggested Solution<br></th></tr></thead><tbody><tr>\n <td>GlobalProtect App 6.3 on macOS<br></td>\n <td>6.3.0 through 6.3.3</td>\n <td>Upgrade to 6.3.3-h1 (6.3.3-c650) or later.</td>\n </tr><tr>\n <td>GlobalProtect App 6.2 on macOS<br></td>\n <td>6.2.0 through 6.2.8</td>\n <td>Upgrade to 6.2.8-h2 (6.2.8-c243) or later.</td>\n </tr><tr><td>GlobalProtect App 6.1 on macOS</td><td></td><td>Upgrade to 6.2.8-h2 (6.2.8-c243) or 6.3.3-h1 (6.3.3-c650) or later.</td></tr><tr><td>GlobalProtect App 6.0 on macOS</td><td></td><td>Upgrade to 6.2.8-h2 (6.2.8-c243) or 6.3.3-h1 (6.3.3-c650) or later.</td></tr><tr><td>GlobalProtect App on Android, iOS, Linux, Windows&nbsp;</td><td>&nbsp;</td><td>No action needed.</td></tr><tr><td>GlobalProtect UWP App<br></td><td></td><td>No action needed.</td></tr></tbody></table>"}], "value": "Version\nMinor Version\nSuggested Solution\n\n GlobalProtect App 6.3 on macOS\n\n 6.3.0 through 6.3.3\n Upgrade to 6.3.3-h1 (6.3.3-c650) or later.\n \n GlobalProtect App 6.2 on macOS\n\n 6.2.0 through 6.2.8\n Upgrade to 6.2.8-h2 (6.2.8-c243) or later.\n GlobalProtect App 6.1 on macOSUpgrade to 6.2.8-h2 (6.2.8-c243) or 6.3.3-h1 (6.3.3-c650) or later.GlobalProtect App 6.0 on macOSUpgrade to 6.2.8-h2 (6.2.8-c243) or 6.3.3-h1 (6.3.3-c650) or later.GlobalProtect App on Android, iOS, Linux, Windows\u00a0\u00a0No action needed.GlobalProtect UWP App\nNo action needed."}], "source": {"defect": ["GPC-21585"], "discovery": "EXTERNAL"}, "timeline": [{"lang": "en", "time": "2025-07-09T16:00:00.000Z", "value": "Initial Publication"}, {"lang": "en", "time": "2025-07-28T21:30:00.000Z", "value": "Decoupled GlobalProtect Linux app from this advisory. For Linux, see CVE-2025-2179"}], "title": "GlobalProtect App: Non Admin User Can Disable the GlobalProtect App", "workarounds": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "No workaround or mitigation is available."}], "value": "No workaround or mitigation is available."}], "x_affectedList": ["GlobalProtect App 6.3.2", "GlobalProtect App 6.3.1", "GlobalProtect App 6.3.0", "GlobalProtect App 6.3", "GlobalProtect App 6.2.7", "GlobalProtect App 6.2.6", "GlobalProtect App 6.2.4", "GlobalProtect App 6.2.3", "GlobalProtect App 6.2.2", "GlobalProtect App 6.2.1", "GlobalProtect App 6.2.0", "GlobalProtect App 6.2", "GlobalProtect App 6.1.7", "GlobalProtect App 6.1.6", "GlobalProtect App 6.1.5", "GlobalProtect App 6.1.4", "GlobalProtect App 6.1.3", "GlobalProtect App 6.1.2", "GlobalProtect App 6.1.1", "GlobalProtect App 6.1.0", "GlobalProtect App 6.1", "GlobalProtect App 6.0.11", "GlobalProtect App 6.0.10", "GlobalProtect App 6.0.8", "GlobalProtect App 6.0.7", "GlobalProtect App 6.0.6", "GlobalProtect App 6.0.5", "GlobalProtect App 6.0.4", "GlobalProtect App 6.0.3", "GlobalProtect App 6.0.2", "GlobalProtect App 6.0.1", "GlobalProtect App 6.0.0", "GlobalProtect App 6.0"], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-07-10T20:01:37.338207Z", "id": "CVE-2025-0140", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-07-10T20:01:46.749Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-0140", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-07-10T20:01:37.338207Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-07-10T20:01:43.090Z"}}], "cna": {"title": "GlobalProtect App: Non Admin User Can Disable the GlobalProtect App", "source": {"defect": ["GPC-21585"], "discovery": "EXTERNAL"}, "credits": [{"lang": "en", "type": "finder", "value": "Alex Bourla"}, {"lang": "en", "type": "finder", "value": "Graham Brereton ([email protected])"}], "impacts": [{"capecId": "CAPEC-578", "descriptions": [{"lang": "en", "value": "CAPEC-578 Disable Security Software"}]}], "metrics": [{"format": "CVSS", "cvssV4_0": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "USER", "baseScore": 6.8, "Automatable": "NO", "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "valueDensity": "DIFFUSE", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/AU:N/R:U/V:D/RE:M/U:Amber", "providerUrgency": "AMBER", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "LOW", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "NONE", "vulnerabilityResponseEffort": "MODERATE"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"cpes": ["cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.2:*:*:*:*:macOS:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.1:*:*:*:*:macOS:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.0:*:*:*:*:macOS:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.7:*:*:*:*:macOS:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.6:*:*:*:*:macOS:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.4:*:*:*:*:macOS:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.3:*:*:*:*:macOS:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.2:*:*:*:*:macOS:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.1:*:*:*:*:macOS:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.0:*:*:*:*:macOS:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.7:*:*:*:*:macOS:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.6:*:*:*:*:macOS:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.5:*:*:*:*:macOS:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.4:*:*:*:*:macOS:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.3:*:*:*:*:macOS:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.2:*:*:*:*:macOS:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.1:*:*:*:*:macOS:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.0:*:*:*:*:macOS:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.11:*:*:*:*:macOS:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.10:*:*:*:*:macOS:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.8:*:*:*:*:macOS:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.7:*:*:*:*:macOS:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.6:*:*:*:*:macOS:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.5:*:*:*:*:macOS:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.4:*:*:*:*:macOS:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.3:*:*:*:*:macOS:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.2:*:*:*:*:macOS:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.1:*:*:*:*:macOS:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.0:*:*:*:*:macOS:*:*"], "vendor": "Palo Alto Networks", "product": "GlobalProtect App", "versions": [{"status": "affected", "changes": [{"at": "6.3.3-h1 (6.3.3-c650)", "status": "unaffected"}], "version": "6.3.0", "lessThan": "6.3.3-h1 (6.3.3-c650)", "versionType": "custom"}, {"status": "affected", "changes": [{"at": "6.2.8-h2 (6.2.8-c243)", "status": "unaffected"}], "version": "6.2.0", "lessThan": "6.2.8-h2 (6.2.8-c243)", "versionType": "custom"}, {"status": "affected", "version": "6.1.0", "versionType": "custom"}, {"status": "affected", "version": "6.0.0", "versionType": "custom"}], "platforms": ["macOS"], "defaultStatus": "unaffected"}, {"vendor": "Palo Alto Networks", "product": "GlobalProtect App", "versions": [{"status": "unaffected", "version": "All", "versionType": "custom"}], "platforms": ["Android", "Chrome OS", "iOS", "Windows", "Linux"], "defaultStatus": "unaffected"}, {"vendor": "Palo Alto Networks", "product": "GlobalProtect UWP App", "versions": [{"status": "unaffected", "version": "All", "versionType": "custom"}], "defaultStatus": "unaffected"}], "exploits": [{"lang": "en", "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue.", "supportingMedia": [{"type": "text/html", "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue.", "base64": false}]}], "timeline": [{"lang": "en", "time": "2025-07-09T16:00:00.000Z", "value": "Initial Publication"}, {"lang": "en", "time": "2025-07-28T21:30:00.000Z", "value": "Decoupled GlobalProtect Linux app from this advisory. For Linux, see CVE-2025-2179"}], "solutions": [{"lang": "eng", "value": "Version\nMinor Version\nSuggested Solution\n\n GlobalProtect App 6.3 on macOS\n\n 6.3.0 through 6.3.3\n Upgrade to 6.3.3-h1 (6.3.3-c650) or later.\n \n GlobalProtect App 6.2 on macOS\n\n 6.2.0 through 6.2.8\n Upgrade to 6.2.8-h2 (6.2.8-c243) or later.\n GlobalProtect App 6.1 on macOSUpgrade to 6.2.8-h2 (6.2.8-c243) or 6.3.3-h1 (6.3.3-c650) or later.GlobalProtect App 6.0 on macOSUpgrade to 6.2.8-h2 (6.2.8-c243) or 6.3.3-h1 (6.3.3-c650) or later.GlobalProtect App on Android, iOS, Linux, Windows\u00a0\u00a0No action needed.GlobalProtect UWP App\nNo action needed.", "supportingMedia": [{"type": "text/html", "value": "<table><thead><tr><th>Version<br></th><th>Minor Version<br></th><th>Suggested Solution<br></th></tr></thead><tbody><tr>\n <td>GlobalProtect App 6.3 on macOS<br></td>\n <td>6.3.0 through 6.3.3</td>\n <td>Upgrade to 6.3.3-h1 (6.3.3-c650) or later.</td>\n </tr><tr>\n <td>GlobalProtect App 6.2 on macOS<br></td>\n <td>6.2.0 through 6.2.8</td>\n <td>Upgrade to 6.2.8-h2 (6.2.8-c243) or later.</td>\n </tr><tr><td>GlobalProtect App 6.1 on macOS</td><td></td><td>Upgrade to 6.2.8-h2 (6.2.8-c243) or 6.3.3-h1 (6.3.3-c650) or later.</td></tr><tr><td>GlobalProtect App 6.0 on macOS</td><td></td><td>Upgrade to 6.2.8-h2 (6.2.8-c243) or 6.3.3-h1 (6.3.3-c650) or later.</td></tr><tr><td>GlobalProtect App on Android, iOS, Linux, Windows&nbsp;</td><td>&nbsp;</td><td>No action needed.</td></tr><tr><td>GlobalProtect UWP App<br></td><td></td><td>No action needed.</td></tr></tbody></table>", "base64": false}]}], "datePublic": "2025-07-09T16:00:00.000Z", "references": [{"url": "https://security.paloaltonetworks.com/CVE-2025-0140", "tags": ["vendor-advisory"]}], "workarounds": [{"lang": "en", "value": "No workaround or mitigation is available.", "supportingMedia": [{"type": "text/html", "value": "No workaround or mitigation is available.", "base64": false}]}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}, "descriptions": [{"lang": "en", "value": "An incorrect privilege assignment vulnerability in the Palo Alto Networks GlobalProtect\u2122 App on macOS devices enables a locally authenticated non administrative user to disable the app even if the GlobalProtect app configuration would not normally permit them to do so.\n\nThe GlobalProtect app on Windows, Linux, iOS, Android, Chrome OS and GlobalProtect UWP app are not affected.", "supportingMedia": [{"type": "text/html", "value": "An incorrect privilege assignment vulnerability in the Palo Alto Networks GlobalProtect\u2122 App on macOS devices enables a locally authenticated non administrative user to disable the app even if the GlobalProtect app configuration would not normally permit them to do so.<br><br>The GlobalProtect app on Windows, Linux, iOS, Android, Chrome OS and GlobalProtect UWP app are not affected.", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-266", "description": "CWE-266: Incorrect Privilege Assignment"}]}], "configurations": [{"lang": "en", "value": "No special configuration is required to be vulnerable to this issue.", "supportingMedia": [{"type": "text/html", "value": "No special configuration is required to be vulnerable to this issue.", "base64": false}]}], "x_affectedList": ["GlobalProtect App 6.3.2", "GlobalProtect App 6.3.1", "GlobalProtect App 6.3.0", "GlobalProtect App 6.3", "GlobalProtect App 6.2.7", "GlobalProtect App 6.2.6", "GlobalProtect App 6.2.4", "GlobalProtect App 6.2.3", "GlobalProtect App 6.2.2", "GlobalProtect App 6.2.1", "GlobalProtect App 6.2.0", "GlobalProtect App 6.2", "GlobalProtect App 6.1.7", "GlobalProtect App 6.1.6", "GlobalProtect App 6.1.5", "GlobalProtect App 6.1.4", "GlobalProtect App 6.1.3", "GlobalProtect App 6.1.2", "GlobalProtect App 6.1.1", "GlobalProtect App 6.1.0", "GlobalProtect App 6.1", "GlobalProtect App 6.0.11", "GlobalProtect App 6.0.10", "GlobalProtect App 6.0.8", "GlobalProtect App 6.0.7", "GlobalProtect App 6.0.6", "GlobalProtect App 6.0.5", "GlobalProtect App 6.0.4", "GlobalProtect App 6.0.3", "GlobalProtect App 6.0.2", "GlobalProtect App 6.0.1", "GlobalProtect App 6.0.0", "GlobalProtect App 6.0"], "providerMetadata": {"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0", "shortName": "palo_alto", "dateUpdated": "2025-07-30T18:02:00.810Z"}}}, "cveMetadata": {"cveId": "CVE-2025-0140", "state": "PUBLISHED", "dateUpdated": "2025-07-30T18:02:00.810Z", "dateReserved": "2024-12-20T23:24:43.326Z", "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0", "datePublished": "2025-07-09T22:58:28.536Z", "assignerShortName": "palo_alto"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "An incorrect privilege assignment vulnerability in the Palo Alto Networks GlobalProtect\u2122 App on macOS devices enables a locally authenticated non administrative user to disable the app even if the GlobalProtect app configuration would not normally permit them to do so.\n\nThe GlobalProtect app on Windows, Linux, iOS, Android, Chrome OS and GlobalProtect UWP app are not affected."}, {"lang": "es", "value": "Una vulnerabilidad de asignaci\u00f3n incorrecta de privilegios en la aplicaci\u00f3n GlobalProtect\u2122 de Palo Alto Networks en dispositivos macOS y Linux permite que un usuario no administrativo autenticado localmente desactive la aplicaci\u00f3n incluso si la configuraci\u00f3n de GlobalProtect no lo permite. La aplicaci\u00f3n GlobalProtect en Windows, iOS, Android, Chrome OS y la aplicaci\u00f3n GlobalProtect UWP no se ve afectada."}], "id": "CVE-2025-0140", "lastModified": "2025-07-30T18:15:25.140", "metrics": {"cvssMetricV40": [{"cvssData": {"Automatable": "NO", "Recovery": "USER", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "LOCAL", "availabilityRequirement": "NOT_DEFINED", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "LOW", "providerUrgency": "AMBER", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "DIFFUSE", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:U/V:D/RE:M/U:Amber", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "MODERATE"}, "source": "[email protected]", "type": "Secondary"}]}, "published": "2025-07-09T23:15:24.327", "references": [{"source": "[email protected]", "url": "https://security.paloaltonetworks.com/CVE-2025-0140"}], "sourceIdentifier": "[email protected]", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-266"}], "source": "[email protected]", "type": "Secondary"}]}

{}