CVE-2017-15870
MEDIUMPalo Alto Networks GlobalProtect Agent <4.0.3 - Privilege Escalation
Title source: llmDescription
Palo Alto Networks GlobalProtect Agent before 4.0.3 allows attackers with administration rights on the local station to gain SYSTEM privileges via vectors involving "image path execution hijacking."
References (2)
Core 2
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/102083
Various Sources x_refsource_confirm
https://security.paloaltonetworks.com/CVE-2017-15870
Scores
CVSS v3
6.7
EPSS
0.0009
EPSS Percentile
26.0%
Attack Vector
LOCAL
CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Details
Status
published
Products (1)
paloaltonetworks/globalprotect
< 4.0.2
Published
Dec 11, 2017
Tracked Since
Feb 18, 2026