CVE-2025-0117

GlobalProtect <unknown - Privilege Escalation

Title source: llm

Description

A reliance on untrusted input for a security decision in the GlobalProtect app on Windows devices potentially enables a locally authenticated non-administrative Windows user to escalate their privileges to NT AUTHORITY\SYSTEM. GlobalProtect App on macOS, Linux, iOS, Android, Chrome OS and GlobalProtect UWP App are not affected.

References (1)

[Various Sources] https://security.paloaltonetworks.com/CVE-2025-0117

Scores

EPSS 0.0003

EPSS Percentile 9.5%

Classification

CWE

CWE-807

Status draft

Timeline

Published Mar 12, 2025

Tracked Since Feb 18, 2026