Headline
CVE-2022-0016: CVE-2022-0016 GlobalProtect App: Privilege Escalation Vulnerability When Using Connect Before Logon
An improper handling of exceptional conditions vulnerability exists within the Connect Before Logon feature of the Palo Alto Networks GlobalProtect app that enables a local attacker to escalate to SYSTEM or root privileges when authenticating with Connect Before Logon under certain circumstances. This issue impacts GlobalProtect app 5.2 versions earlier than GlobalProtect app 5.2.9 on Windows and MacOS. This issue does not affect the GlobalProtect app on other platforms.
- Get support
- Security advisories
- Report vulnerabilities
- Subscribe
- RSS feed
Palo Alto Networks Security Advisories / CVE-2022-0016
Attack Vector LOCAL
Attack Complexity HIGH
Privileges Required NONE
User Interaction NONE
Scope UNCHANGED
Confidentiality Impact HIGH
Integrity Impact HIGH
Availability Impact HIGH
NVD JSON
Published 2022-02-09
Updated 2022-02-09
Reference GPC-14404, GPC-13685 and GPC-14747
Discovered externally
Description
An improper handling of exceptional conditions vulnerability exists within the Connect Before Logon feature of the Palo Alto Networks GlobalProtect app that enables a local attacker to escalate to SYSTEM or root privileges when authenticating with Connect Before Logon under certain circumstances.
This issue impacts GlobalProtect app 5.2 versions earlier than GlobalProtect app 5.2.9 on Windows and MacOS.
This issue does not affect the GlobalProtect app on other platforms.
Product Status
Versions
Affected
Unaffected
GlobalProtect App 5.3
None
5.3.*
GlobalProtect App 5.2
< 5.2.9 on Windows and MacOS
>= 5.2.9 on Windows and MacOS
GlobalProtect App 5.1
None
>= 5.1.*
Required Configuration for Exposure
This issue is applicable only to devices configured to use the GlobalProtect Connect Before Logon feature.
Severity: HIGH
CVSSv3.1 Base Score: 7.4 (CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)
Exploitation Status
Palo Alto Networks is not aware of any malicious exploitation of this issue.
Weakness Type
CWE-703 Improper Check or Handling of Exceptional Conditions
Solution
This issue is fixed in GlobalProtect app 5.2.9 on Windows and MacOS, and all later GlobalProtect app versions.
Workarounds and Mitigations
There are no known workarounds for this issue.
Acknowledgments
Palo Alto Networks thanks Adam Crosser (Praetorian), Brian Sizemore (Praetorian) and N. Sao (Genetec) for independently discovering and reporting this issue.
Timeline
2022-02-09 Initial publication
© 2020 Palo Alto Networks, Inc. All rights reserved.