CVE-2024-2432

MEDIUM

Palo Alto Networks GlobalProtect < - Privilege Escalation

Title source: llm
STIX 2.1

Description

A privilege escalation (PE) vulnerability in the Palo Alto Networks GlobalProtect app on Windows devices enables a local user to execute programs with elevated privileges. However, execution requires that the local user is able to successfully exploit a race condition.

Exploits (1)

nomisec WORKING POC 64 stars
by Hagrid29 · poc
https://github.com/Hagrid29/CVE-2024-2432-PaloAlto-GlobalProtect-EoP

References (1)

Scores

CVSS v3 4.5
EPSS 0.0040
EPSS Percentile 60.8%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact total

Details

CWE
CWE-269
Status published
Products (2)
paloaltonetworks/globalprotect 6.2.0
paloaltonetworks/globalprotect 5.1.0 - 5.1.12
Published Mar 13, 2024
Tracked Since Feb 18, 2026