CVE-2026-0250
Severity: MEDIUM
GlobalProtect App: Buffer Overflow Vulnerability during connection to Portal or Gateway
Title source: cna
Description
A buffer overflow vulnerability exists in the Palo Alto Networks GlobalProtect™ app that enables a man-in-the-middle attacker to disrupt system processes and potentially execute arbitrary code with SYSTEM privileges. This vulnerability is triggered during the processing of requests and responses exchanged between Portal and Gateway. The GlobalProtect app on iOS is not affected.
References (1)
Core References
Vendor Advisory: https://security.paloaltonetworks.com/CVE-2026-0250
Scores
CVSS v4: 5.2
CVSS v4 vector: CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:U/V:D/RE:M/U:Amber
EPSS: 0.0021
EPSS Percentile: 10.9%
CISA SSVC (Vulnrichment)
Exploitation: none
Automatable: no
Technical Impact: total
Details
CWE: CWE-787
Status: published
Products (9)
Palo Alto Networks/GlobalProtect App: 6.0 - 6.0.13
Palo Alto Networks/GlobalProtect App: 6.0 - 6.0.14
Palo Alto Networks/GlobalProtect App: 6.0.0 - 6.0.11
Palo Alto Networks/GlobalProtect App: 6.1 - 6.1.13
Palo Alto Networks/GlobalProtect App: 6.2.0 - 6.2.8-h10 (6.2.8-948)
Palo Alto Networks/GlobalProtect App: 6.3.0 - 6.3.3-h2 (6.3.3-42)
Palo Alto Networks/GlobalProtect App: 6.3.0 - 6.3.3-h9 (6.3.3-999)
Palo Alto Networks/GlobalProtect App: All
Palo Alto Networks/GlobalProtect UWP App: 6.3 - 6.3.3-h10
Published: May 13, 2026
Tracked Since: May 14, 2026