CVE-2025-2183

MEDIUM

Palo Alto GlobalProtect - Auth Bypass

Title source: llm

Description

An insufficient certificate validation issue in the Palo Alto Networks GlobalProtect™ app enables attackers to connect the GlobalProtect app to arbitrary servers. This can enable a local non-administrative operating system user or an attacker on the same subnet to install malicious root certificates on the endpoint and subsequently install malicious software signed by the malicious root certificates on that endpoint.

References (1)

[Various Sources] https://security.paloaltonetworks.com/CVE-2025-2183

Scores

CVSS v4 5.3

EPSS 0.0002

EPSS Percentile 6.4%

CVSS:4.0/AV:P/AC:L/AT:P/PR:N/UI:P/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/AU:N/R:U/V:D/U:Amber

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact total

Details

CWE

CWE-295

Status published

Products (8)

Palo Alto Networks/Global Protect UWP App All

Palo Alto Networks/GlobalProtect App 6.0.0

Palo Alto Networks/GlobalProtect App 6.1.0

Palo Alto Networks/GlobalProtect App 6.2.0 - 11.1.10

Palo Alto Networks/GlobalProtect App 6.2.0 - 6.2.8-h3 (6.2.8-c263)

Palo Alto Networks/GlobalProtect App 6.3.0 - 6.3.3

Palo Alto Networks/GlobalProtect App 6.3.0 - 6.3.3-h2 (6.3.3-c676)

Palo Alto Networks/GlobalProtect App All

Published Aug 13, 2025

Tracked Since Feb 18, 2026