Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CERTFR-2025-AVI-0582
Vulnerability from certfr_avis - Published: 2025-07-10 - Updated: 2025-07-10
De multiples vulnérabilités ont été découvertes dans les produits Palo Alto Networks. Elles permettent à un attaquant de provoquer une élévation de privilèges, un contournement de la politique de sécurité et un problème de sécurité non spécifié par l'éditeur.
Palo Alto Networks indique que la vulnérabilité CVE-2025-6554, qui affecte Prisma Access Browser, est activement exploitée.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Palo Alto Networks | N/A | Autonomous Digital Experience Manager versions 5.6.x antérieures à 5.6.7 sur macOS | ||
| Palo Alto Networks | GlobalProtect App | GlobalProtect App versions 6.2.x antérieures à 6.2.8 sur Linux (disponibilité prévue pour le 11 juillet 2025) | ||
| Palo Alto Networks | GlobalProtect App | GlobalProtect App versions 6.2.x antérieures à 6.2.8-h2 (6.2.8-c243) sur macOS et Windows | ||
| Palo Alto Networks | GlobalProtect App | GlobalProtect App versions 6.1.x et GlobalProtect App versions 6.0.x | ||
| Palo Alto Networks | GlobalProtect App | GlobalProtect App versions 6.3.x antérieures à 6.3.3-h1 (6.3.3-c650) sur macOS et Windows | ||
| Palo Alto Networks | Prisma Access Browser | Prisma Access Browser versions antérieures à 138.33.5.97 |
References
| Title | Publication Time | Tags | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Autonomous Digital Experience Manager versions 5.6.x ant\u00e9rieures \u00e0 5.6.7 sur macOS",
"product": {
"name": "N/A",
"vendor": {
"name": "Palo Alto Networks",
"scada": false
}
}
},
{
"description": "GlobalProtect App versions 6.2.x ant\u00e9rieures \u00e0 6.2.8 sur Linux (disponibilit\u00e9 pr\u00e9vue pour le 11 juillet 2025)",
"product": {
"name": "GlobalProtect App",
"vendor": {
"name": "Palo Alto Networks",
"scada": false
}
}
},
{
"description": "GlobalProtect App versions 6.2.x ant\u00e9rieures \u00e0 6.2.8-h2 (6.2.8-c243) sur macOS et Windows",
"product": {
"name": "GlobalProtect App",
"vendor": {
"name": "Palo Alto Networks",
"scada": false
}
}
},
{
"description": "GlobalProtect App versions 6.1.x et GlobalProtect App versions 6.0.x ",
"product": {
"name": "GlobalProtect App",
"vendor": {
"name": "Palo Alto Networks",
"scada": false
}
}
},
{
"description": "GlobalProtect App versions 6.3.x ant\u00e9rieures \u00e0 6.3.3-h1 (6.3.3-c650) sur macOS et Windows",
"product": {
"name": "GlobalProtect App",
"vendor": {
"name": "Palo Alto Networks",
"scada": false
}
}
},
{
"description": "Prisma Access Browser versions ant\u00e9rieures \u00e0 138.33.5.97",
"product": {
"name": "Prisma Access Browser",
"vendor": {
"name": "Palo Alto Networks",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2023-46218",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46218"
},
{
"name": "CVE-2020-13434",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-13434"
},
{
"name": "CVE-2023-38546",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38546"
},
{
"name": "CVE-2025-5959",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5959"
},
{
"name": "CVE-2023-28322",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28322"
},
{
"name": "CVE-2021-20305",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20305"
},
{
"name": "CVE-2025-6192",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6192"
},
{
"name": "CVE-2019-5827",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-5827"
},
{
"name": "CVE-2021-27918",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-27918"
},
{
"name": "CVE-2022-30633",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30633"
},
{
"name": "CVE-2025-0140",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0140"
},
{
"name": "CVE-2023-3978",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3978"
},
{
"name": "CVE-2025-6557",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6557"
},
{
"name": "CVE-2022-1962",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1962"
},
{
"name": "CVE-2023-28321",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28321"
},
{
"name": "CVE-2020-15358",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15358"
},
{
"name": "CVE-2025-0139",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0139"
},
{
"name": "CVE-2022-28131",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28131"
},
{
"name": "CVE-2019-13751",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-13751"
},
{
"name": "CVE-2025-0141",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0141"
},
{
"name": "CVE-2025-6556",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6556"
},
{
"name": "CVE-2023-27536",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27536"
},
{
"name": "CVE-2020-29652",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-29652"
},
{
"name": "CVE-2019-13750",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-13750"
},
{
"name": "CVE-2020-14040",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14040"
},
{
"name": "CVE-2024-1086",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-1086"
},
{
"name": "CVE-2025-6191",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6191"
},
{
"name": "CVE-2025-6554",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6554"
},
{
"name": "CVE-2025-5958",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5958"
},
{
"name": "CVE-2024-34155",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34155"
},
{
"name": "CVE-2019-19603",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19603"
},
{
"name": "CVE-2020-9283",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9283"
},
{
"name": "CVE-2020-13435",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-13435"
},
{
"name": "CVE-2025-6555",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6555"
}
],
"initial_release_date": "2025-07-10T00:00:00",
"last_revision_date": "2025-07-10T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-0582",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-07-10T00:00:00.000000"
}
],
"risks": [
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Palo Alto Networks. Elles permettent \u00e0 un attaquant de provoquer une \u00e9l\u00e9vation de privil\u00e8ges, un contournement de la politique de s\u00e9curit\u00e9 et un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.\n\nPalo Alto Networks indique que la vuln\u00e9rabilit\u00e9 CVE-2025-6554, qui affecte Prisma Access Browser, est activement exploit\u00e9e.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Palo Alto Networks",
"vendor_advisories": [
{
"published_at": "2025-07-09",
"title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks CVE-2025-0139",
"url": "https://security.paloaltonetworks.com/CVE-2025-0139"
},
{
"published_at": "2025-07-09",
"title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks CVE-2025-0140",
"url": "https://security.paloaltonetworks.com/CVE-2025-0140"
},
{
"published_at": "2025-07-09",
"title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks PAN-SA-2025-0012",
"url": "https://security.paloaltonetworks.com/PAN-SA-2025-0012"
},
{
"published_at": "2025-07-09",
"title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks CVE-2025-0141",
"url": "https://security.paloaltonetworks.com/CVE-2025-0141"
},
{
"published_at": "2025-07-09",
"title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks PAN-SA-2025-0013",
"url": "https://security.paloaltonetworks.com/PAN-SA-2025-0013"
}
]
}
CVE-2023-46218 (GCVE-0-2023-46218)
Vulnerability from cvelistv5 – Published: 2023-12-07 01:10 – Updated: 2026-05-12 10:52
VLAI
EPSS
Summary
This flaw allows a malicious HTTP server to set "super cookies" in curl that
are then passed back to more origins than what is otherwise allowed or
possible. This allows a site to set cookies that then would get sent to
different and unrelated sites and domains.
It could do this by exploiting a mixed case flaw in curl's function that
verifies a given cookie domain against the Public Suffix List (PSL). For
example a cookie could be set with `domain=co.UK` when the URL used a lower
case hostname `curl.co.uk`, even though `co.uk` is listed as a PSL domain.
Severity
6.5 (Medium)
SSVC
Exploitation: poc
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-178 - Improper Handling of Case Sensitivity
Assigner
References
11 references
Impacted products
16 products
| Vendor | Product | Version | |
|---|---|---|---|
| curl | curl |
Affected:
8.4.0 , ≤ 8.4.0
(semver)
Unaffected: 7.46.0 , < 7.46.0 (semver) |
|
| Siemens | SIMATIC S7-1500 CPU 1518-4 PN/DP MFP |
Affected:
V3.1.5 , < *
(custom)
|
|
| Siemens | SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP |
Affected:
V3.1.5 , < *
(custom)
|
|
| Siemens | SIPLUS S7-1500 CPU 1518-4 PN/DP MFP |
Affected:
V3.1.5 , < *
(custom)
|
|
| Siemens | RUGGEDCOM ROX MX5000 |
Affected:
0 , < V2.17.0
(custom)
|
|
| Siemens | RUGGEDCOM ROX MX5000RE |
Affected:
0 , < V2.17.0
(custom)
|
|
| Siemens | RUGGEDCOM ROX RX1400 |
Affected:
0 , < V2.17.0
(custom)
|
|
| Siemens | RUGGEDCOM ROX RX1500 |
Affected:
0 , < V2.17.0
(custom)
|
|
| Siemens | RUGGEDCOM ROX RX1501 |
Affected:
0 , < V2.17.0
(custom)
|
|
| Siemens | RUGGEDCOM ROX RX1510 |
Affected:
0 , < V2.17.0
(custom)
|
|
| Siemens | RUGGEDCOM ROX RX1511 |
Affected:
0 , < V2.17.0
(custom)
|
|
| Siemens | RUGGEDCOM ROX RX1512 |
Affected:
0 , < V2.17.0
(custom)
|
|
| Siemens | RUGGEDCOM ROX RX1524 |
Affected:
0 , < V2.17.0
(custom)
|
|
| Siemens | RUGGEDCOM ROX RX1536 |
Affected:
0 , < V2.17.0
(custom)
|
|
| Siemens | RUGGEDCOM ROX RX5000 |
Affected:
0 , < V2.17.0
(custom)
|
|
| Siemens | SINEC NMS |
Affected:
0 , < V3.0 SP1
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T20:37:40.148Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://hackerone.com/reports/2212193"
},
{
"tags": [
"x_transferred"
],
"url": "https://curl.se/docs/CVE-2023-46218.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3ZX3VW67N4ACRAPMV2QS2LVYGD7H2MVE/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UOGXU25FMMT2X6UUITQ7EZZYMJ42YWWD/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00015.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5587"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20240125-0007/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-46218",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-28T16:38:08.000092Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-178",
"description": "CWE-178 Improper Handling of Case Sensitivity",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-30T16:20:37.028Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"affected": [
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1518-4 PN/DP MFP",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "V3.1.5",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1518-4 PN/DP MFP",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "V3.1.5",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "V3.1.5",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "V3.1.5",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1518-4 PN/DP MFP",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "V3.1.5",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "RUGGEDCOM ROX MX5000",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2.17.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "RUGGEDCOM ROX MX5000RE",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2.17.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "RUGGEDCOM ROX RX1400",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2.17.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "RUGGEDCOM ROX RX1500",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2.17.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "RUGGEDCOM ROX RX1501",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2.17.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "RUGGEDCOM ROX RX1510",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2.17.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "RUGGEDCOM ROX RX1511",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2.17.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "RUGGEDCOM ROX RX1512",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2.17.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "RUGGEDCOM ROX RX1524",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2.17.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "RUGGEDCOM ROX RX1536",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2.17.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "RUGGEDCOM ROX RX5000",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2.17.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SINEC NMS",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.0 SP1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-12T10:52:38.819Z",
"orgId": "0b142b55-0307-4c5a-b3c9-f314f3fb7c5e",
"shortName": "siemens-SADP"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-093430.html"
},
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-331112.html"
},
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-082556.html"
},
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-202008.html"
}
],
"x_adpType": "supplier"
}
],
"cna": {
"affected": [
{
"product": "curl",
"vendor": "curl",
"versions": [
{
"lessThanOrEqual": "8.4.0",
"status": "affected",
"version": "8.4.0",
"versionType": "semver"
},
{
"lessThan": "7.46.0",
"status": "unaffected",
"version": "7.46.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "This flaw allows a malicious HTTP server to set \"super cookies\" in curl that\nare then passed back to more origins than what is otherwise allowed or\npossible. This allows a site to set cookies that then would get sent to\ndifferent and unrelated sites and domains.\n\nIt could do this by exploiting a mixed case flaw in curl\u0027s function that\nverifies a given cookie domain against the Public Suffix List (PSL). For\nexample a cookie could be set with `domain=co.UK` when the URL used a lower\ncase hostname `curl.co.uk`, even though `co.uk` is listed as a PSL domain."
}
],
"providerMetadata": {
"dateUpdated": "2024-01-25T14:06:39.330Z",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"url": "https://hackerone.com/reports/2212193"
},
{
"url": "https://curl.se/docs/CVE-2023-46218.html"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3ZX3VW67N4ACRAPMV2QS2LVYGD7H2MVE/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UOGXU25FMMT2X6UUITQ7EZZYMJ42YWWD/"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00015.html"
},
{
"url": "https://www.debian.org/security/2023/dsa-5587"
},
{
"url": "https://security.netapp.com/advisory/ntap-20240125-0007/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2023-46218",
"datePublished": "2023-12-07T01:10:34.846Z",
"dateReserved": "2023-10-19T01:00:12.854Z",
"dateUpdated": "2026-05-12T10:52:38.819Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-1086 (GCVE-0-2024-1086)
Vulnerability from cvelistv5 – Published: 2024-01-31 12:14 – Updated: 2025-10-21 23:05
VLAI
EPSS
Title
Use-after-free in Linux kernel's netfilter: nf_tables component
Summary
A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation.
The nft_verdict_init() function allows positive values as drop error within the hook verdict, and hence the nf_hook_slow() function can cause a double free vulnerability when NF_DROP is issued with a drop error which resembles NF_ACCEPT.
We recommend upgrading past commit f342de4e2f33e0e39165d8639387aa6c19dff660.
Severity
7.8 (High)
SSVC
Exploitation: active
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-416 - Use After Free
Assigner
References
15 references
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Linux | Kernel |
Affected:
3.15 , < 6.8
(custom)
|
|
| linux | linux_kernel |
Affected:
3.15 , < 6.8
(custom)
cpe:2.3:o:linux:linux_kernel:3.15:*:*:*:*:*:*:* |
Date Public
2024-01-24 19:02
Credits
Notselwyn
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:3.15:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "6.8",
"status": "affected",
"version": "3.15",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-1086",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-13T14:20:47.271139Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2024-05-30",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-1086"
},
"type": "kev"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-21T23:05:25.720Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-1086"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-05-30T00:00:00.000Z",
"value": "CVE-2024-1086 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T18:26:30.467Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"patch",
"x_transferred"
],
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f342de4e2f33e0e39165d8639387aa6c19dff660"
},
{
"tags": [
"x_transferred"
],
"url": "https://kernel.dance/f342de4e2f33e0e39165d8639387aa6c19dff660"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7LSPIOMIJYTLZB6QKPQVVAYSUETUWKPF/"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/Notselwyn/CVE-2024-1086"
},
{
"tags": [
"x_transferred"
],
"url": "https://news.ycombinator.com/item?id=39828424"
},
{
"tags": [
"x_transferred"
],
"url": "https://pwning.tech/nftables/"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/04/15/2"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/04/10/23"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/04/10/22"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/04/14/1"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/04/17/5"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20240614-0009/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00016.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"packageName": "kernel",
"product": "Kernel",
"repo": "https://git.kernel.org",
"vendor": "Linux",
"versions": [
{
"lessThan": "6.8",
"status": "affected",
"version": "3.15",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Notselwyn"
}
],
"datePublic": "2024-01-24T19:02:39.000Z",
"descriptions": [
{
"lang": "en",
"value": "A use-after-free vulnerability in the Linux kernel\u0027s netfilter: nf_tables component can be exploited to achieve local privilege escalation.\n\nThe nft_verdict_init() function allows positive values as drop error within the hook verdict, and hence the nf_hook_slow() function can cause a double free vulnerability when NF_DROP is issued with a drop error which resembles NF_ACCEPT.\n\nWe recommend upgrading past commit f342de4e2f33e0e39165d8639387aa6c19dff660."
}
],
"impacts": [
{
"capecId": "CAPEC-233",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-233 Privilege Escalation"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416 Use After Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-27T12:10:45.558Z",
"orgId": "14ed7db2-1595-443d-9d34-6215bf890778",
"shortName": "Google"
},
"references": [
{
"tags": [
"patch"
],
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f342de4e2f33e0e39165d8639387aa6c19dff660"
},
{
"url": "https://kernel.dance/f342de4e2f33e0e39165d8639387aa6c19dff660"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7LSPIOMIJYTLZB6QKPQVVAYSUETUWKPF/"
},
{
"url": "https://github.com/Notselwyn/CVE-2024-1086"
},
{
"url": "https://news.ycombinator.com/item?id=39828424"
},
{
"url": "https://pwning.tech/nftables/"
},
{
"url": "http://www.openwall.com/lists/oss-security/2024/04/15/2"
},
{
"url": "http://www.openwall.com/lists/oss-security/2024/04/10/23"
},
{
"url": "http://www.openwall.com/lists/oss-security/2024/04/10/22"
},
{
"url": "http://www.openwall.com/lists/oss-security/2024/04/14/1"
},
{
"url": "http://www.openwall.com/lists/oss-security/2024/04/17/5"
},
{
"url": "https://security.netapp.com/advisory/ntap-20240614-0009/"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00016.html"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Use-after-free in Linux kernel\u0027s netfilter: nf_tables component",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "14ed7db2-1595-443d-9d34-6215bf890778",
"assignerShortName": "Google",
"cveId": "CVE-2024-1086",
"datePublished": "2024-01-31T12:14:34.073Z",
"dateReserved": "2024-01-30T20:04:09.704Z",
"dateUpdated": "2025-10-21T23:05:25.720Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-34155 (GCVE-0-2024-34155)
Vulnerability from cvelistv5 – Published: 2024-09-06 20:42 – Updated: 2024-11-04 16:59
VLAI
EPSS
Title
Stack exhaustion in all Parse functions in go/parser
Summary
Calling any of the Parse functions on Go source code which contains deeply nested literals can cause a panic due to stack exhaustion.
Severity
4.3 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-674 - Uncontrolled Recursion
Assigner
References
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Go standard library | go/parser |
Affected:
0 , < 1.22.7
(semver)
Affected: 1.23.0-0 , < 1.23.1 (semver) |
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-34155",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-09T13:55:36.320331Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-04T16:59:31.685Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-09-26T15:03:07.202Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://security.netapp.com/advisory/ntap-20240926-0005/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://pkg.go.dev",
"defaultStatus": "unaffected",
"packageName": "go/parser",
"product": "go/parser",
"programRoutines": [
{
"name": "parser.parseLiteralValue"
},
{
"name": "ParseDir"
},
{
"name": "ParseExpr"
},
{
"name": "ParseExprFrom"
},
{
"name": "ParseFile"
}
],
"vendor": "Go standard library",
"versions": [
{
"lessThan": "1.22.7",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThan": "1.23.1",
"status": "affected",
"version": "1.23.0-0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Calling any of the Parse functions on Go source code which contains deeply nested literals can cause a panic due to stack exhaustion."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-674: Uncontrolled Recursion",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-06T20:42:42.518Z",
"orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
"shortName": "Go"
},
"references": [
{
"url": "https://go.dev/cl/611238"
},
{
"url": "https://go.dev/issue/69138"
},
{
"url": "https://groups.google.com/g/golang-dev/c/S9POB9NCTdk"
},
{
"url": "https://pkg.go.dev/vuln/GO-2024-3105"
}
],
"title": "Stack exhaustion in all Parse functions in go/parser"
}
},
"cveMetadata": {
"assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
"assignerShortName": "Go",
"cveId": "CVE-2024-34155",
"datePublished": "2024-09-06T20:42:42.518Z",
"dateReserved": "2024-05-01T18:45:34.846Z",
"dateUpdated": "2024-11-04T16:59:31.685Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-0139 (GCVE-0-2025-0139)
Vulnerability from cvelistv5 – Published: 2025-07-09 22:57 – Updated: 2025-08-13 19:44
VLAI
EPSS
Title
Autonomous Digital Experience Manager: Privilege Escalation (PE) Vulnerability
Summary
An incorrect privilege assignment vulnerability in Palo Alto Networks Autonomous Digital Experience Manager allows a locally authenticated low privileged user on macOS endpoints to escalate their privileges to root.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-266 - Incorrect Privilege Assignment
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://security.paloaltonetworks.com/CVE-2025-0139 | vendor-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Palo Alto Networks | Autonomous Digital Experience Manager |
Affected:
5.6.0 , < 5.6.7
(custom)
|
Date Public
2025-07-09 16:00
Credits
Scott Gayou
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-0139",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-10T19:59:16.118967Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-10T20:01:08.617Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"macOS"
],
"product": "Autonomous Digital Experience Manager",
"vendor": "Palo Alto Networks",
"versions": [
{
"changes": [
{
"at": "5.6.7",
"status": "unaffected"
}
],
"lessThan": "5.6.7",
"status": "affected",
"version": "5.6.0",
"versionType": "custom"
}
]
}
],
"configurations": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "No special configuration is required to be vulnerable to this issue."
}
],
"value": "No special configuration is required to be vulnerable to this issue."
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Scott Gayou"
}
],
"datePublic": "2025-07-09T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An incorrect privilege assignment vulnerability in Palo Alto Networks Autonomous Digital Experience Manager allows a locally authenticated low privileged user on macOS endpoints to escalate their privileges to root."
}
],
"value": "An incorrect privilege assignment vulnerability in Palo Alto Networks Autonomous Digital Experience Manager allows a locally authenticated low privileged user on macOS endpoints to escalate their privileges to root."
}
],
"exploits": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
}
],
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
}
],
"impacts": [
{
"capecId": "CAPEC-233",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-233 Privilege Escalation"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NO",
"Recovery": "USER",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"privilegesRequired": "LOW",
"providerUrgency": "AMBER",
"subAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "HIGH",
"userInteraction": "NONE",
"valueDensity": "DIFFUSE",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:H/SI:H/SA:H/AU:N/R:U/V:D/RE:M/U:Amber",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "MODERATE"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-266",
"description": "CWE-266 Incorrect Privilege Assignment",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-13T19:44:49.218Z",
"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"shortName": "palo_alto"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://security.paloaltonetworks.com/CVE-2025-0139"
}
],
"solutions": [
{
"lang": "eng",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003ctable class=\"tbl\"\u003e\u003cthead\u003e\u003ctr\u003e\u003cth\u003eVersion\u003cbr\u003e\u003c/th\u003e\u003cth\u003eMinor Version\u003cbr\u003e\u003c/th\u003e\u003cth\u003eSuggested Solution\u003cbr\u003e\u003c/th\u003e\u003c/tr\u003e\u003c/thead\u003e\u003ctbody\u003e\u003ctr\u003e\n \u003ctd\u003eAutonomous Digital Experience Manager 5.6 on macOS\u003cbr\u003e\u003c/td\u003e\n \u003ctd\u003e5.6.0 through 5.6.6\u003c/td\u003e\n \u003ctd\u003eUpgrade to 5.6.7 or later.\u003c/td\u003e\n \u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e"
}
],
"value": "Version\nMinor Version\nSuggested Solution\n\n Autonomous Digital Experience Manager 5.6 on macOS\n\n 5.6.0 through 5.6.6\n Upgrade to 5.6.7 or later."
}
],
"source": {
"defect": [
"DEM-9950"
],
"discovery": "UNKNOWN"
},
"timeline": [
{
"lang": "en",
"time": "2025-07-09T16:00:00.000Z",
"value": "Initial Publication"
},
{
"lang": "en",
"time": "2025-08-13T19:40:00.000Z",
"value": "Updated the acknowledgment"
}
],
"title": "Autonomous Digital Experience Manager: Privilege Escalation (PE) Vulnerability",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "There are no known workarounds or mitigations for this issue."
}
],
"value": "There are no known workarounds or mitigations for this issue."
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"assignerShortName": "palo_alto",
"cveId": "CVE-2025-0139",
"datePublished": "2025-07-09T22:57:56.688Z",
"dateReserved": "2024-12-20T23:24:42.333Z",
"dateUpdated": "2025-08-13T19:44:49.218Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-0140 (GCVE-0-2025-0140)
Vulnerability from cvelistv5 – Published: 2025-07-09 22:58 – Updated: 2025-07-30 18:02
VLAI
EPSS
Title
GlobalProtect App: Non Admin User Can Disable the GlobalProtect App
Summary
An incorrect privilege assignment vulnerability in the Palo Alto Networks GlobalProtect™ App on macOS devices enables a locally authenticated non administrative user to disable the app even if the GlobalProtect app configuration would not normally permit them to do so.
The GlobalProtect app on Windows, Linux, iOS, Android, Chrome OS and GlobalProtect UWP app are not affected.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-266 - Incorrect Privilege Assignment
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://security.paloaltonetworks.com/CVE-2025-0140 | vendor-advisory |
Impacted products
3 products
| Vendor | Product | Version | |
|---|---|---|---|
| Palo Alto Networks | GlobalProtect App |
Affected:
6.3.0 , < 6.3.3-h1 (6.3.3-c650)
(custom)
Affected: 6.2.0 , < 6.2.8-h2 (6.2.8-c243) (custom) Affected: 6.1.0 (custom) Affected: 6.0.0 (custom) cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.2:*:*:*:*:macOS:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.1:*:*:*:*:macOS:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.0:*:*:*:*:macOS:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.7:*:*:*:*:macOS:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.6:*:*:*:*:macOS:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.4:*:*:*:*:macOS:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.3:*:*:*:*:macOS:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.2:*:*:*:*:macOS:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.1:*:*:*:*:macOS:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.0:*:*:*:*:macOS:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.7:*:*:*:*:macOS:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.6:*:*:*:*:macOS:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.5:*:*:*:*:macOS:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.4:*:*:*:*:macOS:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.3:*:*:*:*:macOS:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.2:*:*:*:*:macOS:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.1:*:*:*:*:macOS:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.0:*:*:*:*:macOS:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.11:*:*:*:*:macOS:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.10:*:*:*:*:macOS:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.8:*:*:*:*:macOS:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.7:*:*:*:*:macOS:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.6:*:*:*:*:macOS:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.5:*:*:*:*:macOS:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.4:*:*:*:*:macOS:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.3:*:*:*:*:macOS:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.2:*:*:*:*:macOS:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.1:*:*:*:*:macOS:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.0:*:*:*:*:macOS:*:* |
|
| Palo Alto Networks | GlobalProtect App |
Unaffected:
All
(custom)
|
|
| Palo Alto Networks | GlobalProtect UWP App |
Unaffected:
All
(custom)
|
Date Public
2025-07-09 16:00
Credits
Alex Bourla
Graham Brereton (graham.brereton@form3.tech)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-0140",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-10T20:01:37.338207Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-10T20:01:46.749Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.2:*:*:*:*:macOS:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.1:*:*:*:*:macOS:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.0:*:*:*:*:macOS:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.7:*:*:*:*:macOS:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.6:*:*:*:*:macOS:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.4:*:*:*:*:macOS:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.3:*:*:*:*:macOS:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.2:*:*:*:*:macOS:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.1:*:*:*:*:macOS:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.0:*:*:*:*:macOS:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.7:*:*:*:*:macOS:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.6:*:*:*:*:macOS:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.5:*:*:*:*:macOS:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.4:*:*:*:*:macOS:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.3:*:*:*:*:macOS:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.2:*:*:*:*:macOS:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.1:*:*:*:*:macOS:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.0:*:*:*:*:macOS:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.11:*:*:*:*:macOS:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.10:*:*:*:*:macOS:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.8:*:*:*:*:macOS:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.7:*:*:*:*:macOS:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.6:*:*:*:*:macOS:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.5:*:*:*:*:macOS:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.4:*:*:*:*:macOS:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.3:*:*:*:*:macOS:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.2:*:*:*:*:macOS:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.1:*:*:*:*:macOS:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.0:*:*:*:*:macOS:*:*"
],
"defaultStatus": "unaffected",
"platforms": [
"macOS"
],
"product": "GlobalProtect App",
"vendor": "Palo Alto Networks",
"versions": [
{
"changes": [
{
"at": "6.3.3-h1 (6.3.3-c650)",
"status": "unaffected"
}
],
"lessThan": "6.3.3-h1 (6.3.3-c650)",
"status": "affected",
"version": "6.3.0",
"versionType": "custom"
},
{
"changes": [
{
"at": "6.2.8-h2 (6.2.8-c243)",
"status": "unaffected"
}
],
"lessThan": "6.2.8-h2 (6.2.8-c243)",
"status": "affected",
"version": "6.2.0",
"versionType": "custom"
},
{
"status": "affected",
"version": "6.1.0",
"versionType": "custom"
},
{
"status": "affected",
"version": "6.0.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Android",
"Chrome OS",
"iOS",
"Windows",
"Linux"
],
"product": "GlobalProtect App",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "All",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GlobalProtect UWP App",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "All",
"versionType": "custom"
}
]
}
],
"configurations": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "No special configuration is required to be vulnerable to this issue."
}
],
"value": "No special configuration is required to be vulnerable to this issue."
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Alex Bourla"
},
{
"lang": "en",
"type": "finder",
"value": "Graham Brereton (graham.brereton@form3.tech)"
}
],
"datePublic": "2025-07-09T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An incorrect privilege assignment vulnerability in the Palo Alto Networks GlobalProtect\u2122 App on macOS devices enables a locally authenticated non administrative user to disable the app even if the GlobalProtect app configuration would not normally permit them to do so.\u003cbr\u003e\u003cbr\u003eThe GlobalProtect app on Windows, Linux, iOS, Android, Chrome OS and GlobalProtect UWP app are not affected."
}
],
"value": "An incorrect privilege assignment vulnerability in the Palo Alto Networks GlobalProtect\u2122 App on macOS devices enables a locally authenticated non administrative user to disable the app even if the GlobalProtect app configuration would not normally permit them to do so.\n\nThe GlobalProtect app on Windows, Linux, iOS, Android, Chrome OS and GlobalProtect UWP app are not affected."
}
],
"exploits": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
}
],
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
}
],
"impacts": [
{
"capecId": "CAPEC-578",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-578 Disable Security Software"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NO",
"Recovery": "USER",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"privilegesRequired": "LOW",
"providerUrgency": "AMBER",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "DIFFUSE",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/AU:N/R:U/V:D/RE:M/U:Amber",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "MODERATE"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-266",
"description": "CWE-266: Incorrect Privilege Assignment",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-30T18:02:00.810Z",
"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"shortName": "palo_alto"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://security.paloaltonetworks.com/CVE-2025-0140"
}
],
"solutions": [
{
"lang": "eng",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003ctable\u003e\u003cthead\u003e\u003ctr\u003e\u003cth\u003eVersion\u003cbr\u003e\u003c/th\u003e\u003cth\u003eMinor Version\u003cbr\u003e\u003c/th\u003e\u003cth\u003eSuggested Solution\u003cbr\u003e\u003c/th\u003e\u003c/tr\u003e\u003c/thead\u003e\u003ctbody\u003e\u003ctr\u003e\n \u003ctd\u003eGlobalProtect App 6.3 on macOS\u003cbr\u003e\u003c/td\u003e\n \u003ctd\u003e6.3.0 through 6.3.3\u003c/td\u003e\n \u003ctd\u003eUpgrade to 6.3.3-h1 (6.3.3-c650) or later.\u003c/td\u003e\n \u003c/tr\u003e\u003ctr\u003e\n \u003ctd\u003eGlobalProtect App 6.2 on macOS\u003cbr\u003e\u003c/td\u003e\n \u003ctd\u003e6.2.0 through 6.2.8\u003c/td\u003e\n \u003ctd\u003eUpgrade to 6.2.8-h2 (6.2.8-c243) or later.\u003c/td\u003e\n \u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eGlobalProtect App 6.1 on macOS\u003c/td\u003e\u003ctd\u003e\u003c/td\u003e\u003ctd\u003eUpgrade to 6.2.8-h2 (6.2.8-c243) or 6.3.3-h1 (6.3.3-c650) or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eGlobalProtect App 6.0 on macOS\u003c/td\u003e\u003ctd\u003e\u003c/td\u003e\u003ctd\u003eUpgrade to 6.2.8-h2 (6.2.8-c243) or 6.3.3-h1 (6.3.3-c650) or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eGlobalProtect App on Android, iOS, Linux, Windows\u0026nbsp;\u003c/td\u003e\u003ctd\u003e\u0026nbsp;\u003c/td\u003e\u003ctd\u003eNo action needed.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eGlobalProtect UWP App\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e\u003c/td\u003e\u003ctd\u003eNo action needed.\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e"
}
],
"value": "Version\nMinor Version\nSuggested Solution\n\n GlobalProtect App 6.3 on macOS\n\n 6.3.0 through 6.3.3\n Upgrade to 6.3.3-h1 (6.3.3-c650) or later.\n \n GlobalProtect App 6.2 on macOS\n\n 6.2.0 through 6.2.8\n Upgrade to 6.2.8-h2 (6.2.8-c243) or later.\n GlobalProtect App 6.1 on macOSUpgrade to 6.2.8-h2 (6.2.8-c243) or 6.3.3-h1 (6.3.3-c650) or later.GlobalProtect App 6.0 on macOSUpgrade to 6.2.8-h2 (6.2.8-c243) or 6.3.3-h1 (6.3.3-c650) or later.GlobalProtect App on Android, iOS, Linux, Windows\u00a0\u00a0No action needed.GlobalProtect UWP App\nNo action needed."
}
],
"source": {
"defect": [
"GPC-21585"
],
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2025-07-09T16:00:00.000Z",
"value": "Initial Publication"
},
{
"lang": "en",
"time": "2025-07-28T21:30:00.000Z",
"value": "Decoupled GlobalProtect Linux app from this advisory. For Linux, see CVE-2025-2179"
}
],
"title": "GlobalProtect App: Non Admin User Can Disable the GlobalProtect App",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "No workaround or mitigation is available."
}
],
"value": "No workaround or mitigation is available."
}
],
"x_affectedList": [
"GlobalProtect App 6.3.2",
"GlobalProtect App 6.3.1",
"GlobalProtect App 6.3.0",
"GlobalProtect App 6.3",
"GlobalProtect App 6.2.7",
"GlobalProtect App 6.2.6",
"GlobalProtect App 6.2.4",
"GlobalProtect App 6.2.3",
"GlobalProtect App 6.2.2",
"GlobalProtect App 6.2.1",
"GlobalProtect App 6.2.0",
"GlobalProtect App 6.2",
"GlobalProtect App 6.1.7",
"GlobalProtect App 6.1.6",
"GlobalProtect App 6.1.5",
"GlobalProtect App 6.1.4",
"GlobalProtect App 6.1.3",
"GlobalProtect App 6.1.2",
"GlobalProtect App 6.1.1",
"GlobalProtect App 6.1.0",
"GlobalProtect App 6.1",
"GlobalProtect App 6.0.11",
"GlobalProtect App 6.0.10",
"GlobalProtect App 6.0.8",
"GlobalProtect App 6.0.7",
"GlobalProtect App 6.0.6",
"GlobalProtect App 6.0.5",
"GlobalProtect App 6.0.4",
"GlobalProtect App 6.0.3",
"GlobalProtect App 6.0.2",
"GlobalProtect App 6.0.1",
"GlobalProtect App 6.0.0",
"GlobalProtect App 6.0"
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"assignerShortName": "palo_alto",
"cveId": "CVE-2025-0140",
"datePublished": "2025-07-09T22:58:28.536Z",
"dateReserved": "2024-12-20T23:24:43.326Z",
"dateUpdated": "2025-07-30T18:02:00.810Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-0141 (GCVE-0-2025-0141)
Vulnerability from cvelistv5 – Published: 2025-07-09 22:58 – Updated: 2026-02-26 17:50
VLAI
EPSS
Title
GlobalProtect App: Privilege Escalation (PE) Vulnerability
Summary
An incorrect privilege assignment vulnerability in the Palo Alto Networks GlobalProtect™ App on enables a locally authenticated non administrative user to escalate their privileges to root on macOS and Linux or NT AUTHORITY\SYSTEM on Windows.
The GlobalProtect app on iOS, Android, Chrome OS and GlobalProtect UWP app are not affected.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-426 - Untrusted Search Path
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://security.paloaltonetworks.com/CVE-2025-0141 | vendor-advisory |
Impacted products
4 products
| Vendor | Product | Version | |
|---|---|---|---|
| Palo Alto Networks | GlobalProtect App |
Affected:
6.3.0 , < 6.3.3-h1 (6.3.3-c650)
(custom)
Affected: 6.2.0 , < 6.2.8-h2 (6.2.8-c243) (custom) Affected: 6.1.0 (custom) Affected: 6.0.0 (custom) cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.7:*:*:*:*:macOS:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.7:*:*:*:*:Windows:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.6:*:*:*:*:macOS:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.6:*:*:*:*:Windows:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.5:*:*:*:*:macOS:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.5:*:*:*:*:Windows:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.4:*:*:*:*:macOS:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.4:*:*:*:*:Windows:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.3:*:*:*:*:macOS:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.3:*:*:*:*:Windows:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.2:*:*:*:*:macOS:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.2:*:*:*:*:Windows:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.1:*:*:*:*:macOS:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.1:*:*:*:*:Windows:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.0:*:*:*:*:macOS:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.0:*:*:*:*:Windows:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.11:*:*:*:*:macOS:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.11:*:*:*:*:Windows:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.10:*:*:*:*:macOS:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.10:*:*:*:*:Windows:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.8:*:*:*:*:macOS:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.8:*:*:*:*:Windows:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.7:*:*:*:*:macOS:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.7:*:*:*:*:Windows:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.6:*:*:*:*:macOS:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.6:*:*:*:*:Windows:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.5:*:*:*:*:macOS:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.5:*:*:*:*:Windows:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.4:*:*:*:*:macOS:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.4:*:*:*:*:Windows:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.3:*:*:*:*:macOS:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.3:*:*:*:*:Windows:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.2:*:*:*:*:macOS:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.2:*:*:*:*:Windows:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.1:*:*:*:*:macOS:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.1:*:*:*:*:Windows:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.0:*:*:*:*:macOS:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.0:*:*:*:*:Windows:*:* |
|
| Palo Alto Networks | GlobalProtect App |
Unaffected:
All
(custom)
|
|
| Palo Alto Networks | GlobalProtect UWP App |
Unaffected:
All
(custom)
|
|
| Palo Alto Networks | GlobalProtect App |
Affected:
6.2.0 , < 6.2.8
(custom)
Affected: 6.1.0 (custom) Affected: 6.0.0 (custom) cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.7:*:*:*:*:Linux:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.6:*:*:*:*:Linux:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.5:*:*:*:*:Linux:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.4:*:*:*:*:Linux:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.3:*:*:*:*:Linux:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.2:*:*:*:*:Linux:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.1:*:*:*:*:Linux:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.0:*:*:*:*:Linux:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.11:*:*:*:*:Linux:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.10:*:*:*:*:Linux:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.8:*:*:*:*:Linux:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.7:*:*:*:*:Linux:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.6:*:*:*:*:Linux:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.5:*:*:*:*:Linux:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.4:*:*:*:*:Linux:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.3:*:*:*:*:Linux:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.2:*:*:*:*:Linux:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.1:*:*:*:*:Linux:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.0:*:*:*:*:Linux:*:* |
Date Public
2025-07-09 16:00
Credits
Alex Bourla
Graham Brereton (graham.brereton@form3.tech)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-0141",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-10T03:56:03.900001Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T17:50:50.211Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.7:*:*:*:*:macOS:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.7:*:*:*:*:Windows:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.6:*:*:*:*:macOS:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.6:*:*:*:*:Windows:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.5:*:*:*:*:macOS:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.5:*:*:*:*:Windows:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.4:*:*:*:*:macOS:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.4:*:*:*:*:Windows:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.3:*:*:*:*:macOS:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.3:*:*:*:*:Windows:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.2:*:*:*:*:macOS:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.2:*:*:*:*:Windows:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.1:*:*:*:*:macOS:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.1:*:*:*:*:Windows:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.0:*:*:*:*:macOS:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.0:*:*:*:*:Windows:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.11:*:*:*:*:macOS:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.11:*:*:*:*:Windows:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.10:*:*:*:*:macOS:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.10:*:*:*:*:Windows:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.8:*:*:*:*:macOS:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.8:*:*:*:*:Windows:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.7:*:*:*:*:macOS:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.7:*:*:*:*:Windows:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.6:*:*:*:*:macOS:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.6:*:*:*:*:Windows:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.5:*:*:*:*:macOS:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.5:*:*:*:*:Windows:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.4:*:*:*:*:macOS:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.4:*:*:*:*:Windows:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.3:*:*:*:*:macOS:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.3:*:*:*:*:Windows:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.2:*:*:*:*:macOS:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.2:*:*:*:*:Windows:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.1:*:*:*:*:macOS:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.1:*:*:*:*:Windows:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.0:*:*:*:*:macOS:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.0:*:*:*:*:Windows:*:*"
],
"defaultStatus": "unaffected",
"platforms": [
"macOS",
"Windows"
],
"product": "GlobalProtect App",
"vendor": "Palo Alto Networks",
"versions": [
{
"changes": [
{
"at": "6.3.3-h1 (6.3.3-c650)",
"status": "unaffected"
}
],
"lessThan": "6.3.3-h1 (6.3.3-c650)",
"status": "affected",
"version": "6.3.0",
"versionType": "custom"
},
{
"changes": [
{
"at": "6.2.8-h2 (6.2.8-c243)",
"status": "unaffected"
}
],
"lessThan": "6.2.8-h2 (6.2.8-c243)",
"status": "affected",
"version": "6.2.0",
"versionType": "custom"
},
{
"status": "affected",
"version": "6.1.0",
"versionType": "custom"
},
{
"status": "affected",
"version": "6.0.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Android",
"Chrome OS",
"iOS"
],
"product": "GlobalProtect App",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "All",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GlobalProtect UWP App",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "All",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.7:*:*:*:*:Linux:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.6:*:*:*:*:Linux:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.5:*:*:*:*:Linux:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.4:*:*:*:*:Linux:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.3:*:*:*:*:Linux:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.2:*:*:*:*:Linux:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.1:*:*:*:*:Linux:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.0:*:*:*:*:Linux:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.11:*:*:*:*:Linux:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.10:*:*:*:*:Linux:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.8:*:*:*:*:Linux:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.7:*:*:*:*:Linux:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.6:*:*:*:*:Linux:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.5:*:*:*:*:Linux:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.4:*:*:*:*:Linux:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.3:*:*:*:*:Linux:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.2:*:*:*:*:Linux:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.1:*:*:*:*:Linux:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.0:*:*:*:*:Linux:*:*"
],
"defaultStatus": "unaffected",
"platforms": [
"Linux"
],
"product": "GlobalProtect App",
"vendor": "Palo Alto Networks",
"versions": [
{
"changes": [
{
"at": "6.2.8",
"status": "unaffected"
}
],
"lessThan": "6.2.8",
"status": "affected",
"version": "6.2.0",
"versionType": "custom"
},
{
"status": "affected",
"version": "6.1.0",
"versionType": "custom"
},
{
"status": "affected",
"version": "6.0.0",
"versionType": "custom"
}
]
}
],
"configurations": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "No special configuration is required to be vulnerable to this issue."
}
],
"value": "No special configuration is required to be vulnerable to this issue."
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Alex Bourla"
},
{
"lang": "en",
"type": "finder",
"value": "Graham Brereton (graham.brereton@form3.tech)"
}
],
"datePublic": "2025-07-09T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An incorrect privilege assignment vulnerability in the Palo Alto Networks GlobalProtect\u2122 App on enables a locally authenticated non administrative user to escalate their privileges to root on macOS and Linux or NT AUTHORITY\\SYSTEM on Windows.\u003cbr\u003e\u003cbr\u003eThe GlobalProtect app on iOS, Android, Chrome OS and GlobalProtect UWP app are not affected."
}
],
"value": "An incorrect privilege assignment vulnerability in the Palo Alto Networks GlobalProtect\u2122 App on enables a locally authenticated non administrative user to escalate their privileges to root on macOS and Linux or NT AUTHORITY\\SYSTEM on Windows.\n\nThe GlobalProtect app on iOS, Android, Chrome OS and GlobalProtect UWP app are not affected."
}
],
"exploits": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
}
],
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
}
],
"impacts": [
{
"capecId": "CAPEC-233",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-233 Privilege Escalation"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NO",
"Recovery": "USER",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"privilegesRequired": "LOW",
"providerUrgency": "AMBER",
"subAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "HIGH",
"userInteraction": "NONE",
"valueDensity": "DIFFUSE",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:H/SI:H/SA:H/AU:N/R:U/V:D/RE:M/U:Amber",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "MODERATE"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-426",
"description": "CWE-426 Untrusted Search Path",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-10T00:17:38.636Z",
"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"shortName": "palo_alto"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://security.paloaltonetworks.com/CVE-2025-0141"
}
],
"solutions": [
{
"lang": "eng",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003ctable class=\"tbl\"\u003e\u003cthead\u003e\u003ctr\u003e\u003cth\u003eVersion\u003cbr\u003e\u003c/th\u003e\u003cth\u003eMinor Version\u003cbr\u003e\u003c/th\u003e\u003cth\u003eSuggested Solution\u003cbr\u003e\u003c/th\u003e\u003c/tr\u003e\u003c/thead\u003e\u003ctbody\u003e\u003ctr\u003e\n \u003ctd\u003eGlobalProtect App 6.3 on macOS\u003cbr\u003e\u003c/td\u003e\n \u003ctd\u003e6.3.0 through 6.3.3\u003c/td\u003e\n \u003ctd\u003eUpgrade to 6.3.3-h1 (6.3.3-c650) or later.\u003c/td\u003e\n \u003c/tr\u003e\u003ctr\u003e\n \u003ctd\u003eGlobalProtect App 6.3 on Windows\u003cbr\u003e\u003c/td\u003e\n \u003ctd\u003e6.3.0 through 6.3.3\u003c/td\u003e\n \u003ctd\u003eUpgrade to 6.3.3-h1 (6.3.3-c650) or later.\u003c/td\u003e\n \u003c/tr\u003e\u003ctr\u003e\n \u003ctd\u003eGlobalProtect App 6.2 on macOS\u003cbr\u003e\u003c/td\u003e\n \u003ctd\u003e6.2.0 through 6.2.8\u003c/td\u003e\n \u003ctd\u003eUpgrade to 6.2.8-h2 (6.2.8-c243) or later.\u003c/td\u003e\n \u003c/tr\u003e\u003ctr\u003e\n \u003ctd\u003eGlobalProtect App 6.2 on Windows\u003cbr\u003e\u003c/td\u003e\n \u003ctd\u003e6.2.0 through 6.2.8\u003c/td\u003e\n \u003ctd\u003eUpgrade to 6.2.8-h2 (6.2.8-c243) or later.\u003c/td\u003e\n \u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eGlobalProtect App 6.1 on macOS\u003c/td\u003e\u003ctd\u003e\u003c/td\u003e\u003ctd\u003eUpgrade to 6.2.8-h2 (6.2.8-c243) or 6.3.3-h1 (6.3.3-c650) or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eGlobalProtect App 6.1 on Windows\u003c/td\u003e\u003ctd\u003e\u003c/td\u003e\u003ctd\u003eUpgrade to 6.2.8-h2 (6.2.8-c243) or 6.3.3-h1 (6.3.3-c650) or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eGlobalProtect App 6.0 on macOS\u003c/td\u003e\u003ctd\u003e\u003c/td\u003e\u003ctd\u003eUpgrade to 6.2.8-h2 (6.2.8-c243) or 6.3.3-h1 (6.3.3-c650) or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eGlobalProtect App 6.0 on Windows\u003c/td\u003e\u003ctd\u003e\u003c/td\u003e\u003ctd\u003eUpgrade to 6.2.8-h2 (6.2.8-c243) or 6.3.3-h1 (6.3.3-c650) or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\n \u003ctd\u003eGlobalProtect App 6.2 on Linux\u003cbr\u003e\u003c/td\u003e\n \u003ctd\u003e6.2.0 through 6.2.7\u003c/td\u003e\n \u003ctd\u003eUpgrade to 6.2.8 or later.\u003c/td\u003e\n \u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eGlobalProtect App 6.1 on Linux\u003c/td\u003e\u003ctd\u003e\u003c/td\u003e\u003ctd\u003eUpgrade to 6.2.8 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eGlobalProtect App 6.0 on Linux\u003c/td\u003e\u003ctd\u003e\u003c/td\u003e\u003ctd\u003eUpgrade to 6.2.8 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cspan\u003eGlobalProtect App on Android, Chrome OS, iOS\u003c/span\u003e\u003c/td\u003e\u003ctd\u003e\u0026nbsp;\u003c/td\u003e\u003ctd\u003eNo action needed.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eGlobalProtect UWP App\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e\u003c/td\u003e\u003ctd\u003eNo action needed.\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e"
}
],
"value": "Version\nMinor Version\nSuggested Solution\n\n GlobalProtect App 6.3 on macOS\n\n 6.3.0 through 6.3.3\n Upgrade to 6.3.3-h1 (6.3.3-c650) or later.\n \n GlobalProtect App 6.3 on Windows\n\n 6.3.0 through 6.3.3\n Upgrade to 6.3.3-h1 (6.3.3-c650) or later.\n \n GlobalProtect App 6.2 on macOS\n\n 6.2.0 through 6.2.8\n Upgrade to 6.2.8-h2 (6.2.8-c243) or later.\n \n GlobalProtect App 6.2 on Windows\n\n 6.2.0 through 6.2.8\n Upgrade to 6.2.8-h2 (6.2.8-c243) or later.\n GlobalProtect App 6.1 on macOSUpgrade to 6.2.8-h2 (6.2.8-c243) or 6.3.3-h1 (6.3.3-c650) or later.GlobalProtect App 6.1 on WindowsUpgrade to 6.2.8-h2 (6.2.8-c243) or 6.3.3-h1 (6.3.3-c650) or later.GlobalProtect App 6.0 on macOSUpgrade to 6.2.8-h2 (6.2.8-c243) or 6.3.3-h1 (6.3.3-c650) or later.GlobalProtect App 6.0 on WindowsUpgrade to 6.2.8-h2 (6.2.8-c243) or 6.3.3-h1 (6.3.3-c650) or later.\n GlobalProtect App 6.2 on Linux\n\n 6.2.0 through 6.2.7\n Upgrade to 6.2.8 or later.\n GlobalProtect App 6.1 on LinuxUpgrade to 6.2.8 or later.GlobalProtect App 6.0 on LinuxUpgrade to 6.2.8 or later.GlobalProtect App on Android, Chrome OS, iOS\u00a0No action needed.GlobalProtect UWP App\nNo action needed."
}
],
"source": {
"defect": [
"GPC-21586"
],
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2025-07-09T16:00:00.000Z",
"value": "Initial Publication"
}
],
"title": "GlobalProtect App: Privilege Escalation (PE) Vulnerability",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "No workaround or mitigation is available."
}
],
"value": "No workaround or mitigation is available."
}
],
"x_affectedList": [
"GlobalProtect App 6.1.7",
"GlobalProtect App 6.1.6",
"GlobalProtect App 6.1.5",
"GlobalProtect App 6.1.4",
"GlobalProtect App 6.1.3",
"GlobalProtect App 6.1.2",
"GlobalProtect App 6.1.1",
"GlobalProtect App 6.1.0",
"GlobalProtect App 6.1",
"GlobalProtect App 6.0.11",
"GlobalProtect App 6.0.10",
"GlobalProtect App 6.0.8",
"GlobalProtect App 6.0.7",
"GlobalProtect App 6.0.6",
"GlobalProtect App 6.0.5",
"GlobalProtect App 6.0.4",
"GlobalProtect App 6.0.3",
"GlobalProtect App 6.0.2",
"GlobalProtect App 6.0.1",
"GlobalProtect App 6.0.0",
"GlobalProtect App 6.0"
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"assignerShortName": "palo_alto",
"cveId": "CVE-2025-0141",
"datePublished": "2025-07-09T22:58:54.755Z",
"dateReserved": "2024-12-20T23:24:48.571Z",
"dateUpdated": "2026-02-26T17:50:50.211Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-5958 (GCVE-0-2025-5958)
Vulnerability from cvelistv5 – Published: 2025-06-11 00:54 – Updated: 2026-02-26 17:50
VLAI
EPSS
Summary
Use after free in Media in Google Chrome prior to 137.0.7151.103 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Severity
8.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-416 - Use after free
Assigner
References
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-5958",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-13T03:55:22.836453Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T17:50:42.523Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Chrome",
"vendor": "Google",
"versions": [
{
"lessThan": "137.0.7151.103",
"status": "affected",
"version": "137.0.7151.103",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Use after free in Media in Google Chrome prior to 137.0.7151.103 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use after free",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-11T00:54:26.301Z",
"orgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"shortName": "Chrome"
},
"references": [
{
"url": "https://chromereleases.googleblog.com/2025/06/stable-channel-update-for-desktop_10.html"
},
{
"url": "https://issues.chromium.org/issues/420150619"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"assignerShortName": "Chrome",
"cveId": "CVE-2025-5958",
"datePublished": "2025-06-11T00:54:26.301Z",
"dateReserved": "2025-06-09T19:57:49.869Z",
"dateUpdated": "2026-02-26T17:50:42.523Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-5959 (GCVE-0-2025-5959)
Vulnerability from cvelistv5 – Published: 2025-06-11 00:54 – Updated: 2026-02-26 17:50
VLAI
EPSS
Summary
Type Confusion in V8 in Google Chrome prior to 137.0.7151.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
Severity
8.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-843 - Type Confusion
Assigner
References
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-5959",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-12T03:55:17.466340Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T17:50:42.008Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Chrome",
"vendor": "Google",
"versions": [
{
"lessThan": "137.0.7151.103",
"status": "affected",
"version": "137.0.7151.103",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Type Confusion in V8 in Google Chrome prior to 137.0.7151.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-843",
"description": "Type Confusion",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-11T00:54:26.711Z",
"orgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"shortName": "Chrome"
},
"references": [
{
"url": "https://chromereleases.googleblog.com/2025/06/stable-channel-update-for-desktop_10.html"
},
{
"url": "https://issues.chromium.org/issues/422313191"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"assignerShortName": "Chrome",
"cveId": "CVE-2025-5959",
"datePublished": "2025-06-11T00:54:26.711Z",
"dateReserved": "2025-06-09T19:57:50.181Z",
"dateUpdated": "2026-02-26T17:50:42.008Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-6191 (GCVE-0-2025-6191)
Vulnerability from cvelistv5 – Published: 2025-06-18 18:16 – Updated: 2026-02-26 17:50
VLAI
EPSS
Summary
Integer overflow in V8 in Google Chrome prior to 137.0.7151.119 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)
Severity
8.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
Assigner
References
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-6191",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-19T03:55:09.660584Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-190",
"description": "CWE-190 Integer Overflow or Wraparound",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T17:50:29.277Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Chrome",
"vendor": "Google",
"versions": [
{
"lessThan": "137.0.7151.119",
"status": "affected",
"version": "137.0.7151.119",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in V8 in Google Chrome prior to 137.0.7151.119 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-472",
"description": "Integer overflow",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-18T18:16:36.095Z",
"orgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"shortName": "Chrome"
},
"references": [
{
"url": "https://chromereleases.googleblog.com/2025/06/stable-channel-update-for-desktop_17.html"
},
{
"url": "https://issues.chromium.org/issues/420697404"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"assignerShortName": "Chrome",
"cveId": "CVE-2025-6191",
"datePublished": "2025-06-18T18:16:36.095Z",
"dateReserved": "2025-06-16T22:21:11.737Z",
"dateUpdated": "2026-02-26T17:50:29.277Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-6192 (GCVE-0-2025-6192)
Vulnerability from cvelistv5 – Published: 2025-06-18 18:16 – Updated: 2026-02-26 17:50
VLAI
EPSS
Summary
Use after free in Metrics in Google Chrome prior to 137.0.7151.119 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Severity
8.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-416 - Use after free
Assigner
References
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-6192",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-19T03:55:10.780463Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T17:50:28.963Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Chrome",
"vendor": "Google",
"versions": [
{
"lessThan": "137.0.7151.119",
"status": "affected",
"version": "137.0.7151.119",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Use after free in Metrics in Google Chrome prior to 137.0.7151.119 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use after free",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-18T18:16:36.481Z",
"orgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"shortName": "Chrome"
},
"references": [
{
"url": "https://chromereleases.googleblog.com/2025/06/stable-channel-update-for-desktop_17.html"
},
{
"url": "https://issues.chromium.org/issues/421471016"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"assignerShortName": "Chrome",
"cveId": "CVE-2025-6192",
"datePublished": "2025-06-18T18:16:36.481Z",
"dateReserved": "2025-06-16T22:21:12.086Z",
"dateUpdated": "2026-02-26T17:50:28.963Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…