An unquoted search path vulnerability in the Windows release of Global Protect Agent allows an authenticated local user with file creation privileges on the root of the OS disk (C:\) or to Program Files directory to gain system privileges. This issue affects Palo Alto Networks GlobalProtect Agent 5.0 versions before 5.0.5; 4.1 versions before 4.1.13 on Windows;
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: palo_alto

Published: 2020-04-08T18:41:58.415618Z

Updated: 2024-09-16T18:03:55.930Z

Reserved: 2019-12-04T00:00:00

Link: CVE-2020-1988

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Analyzed

Published: 2020-04-08T19:15:13.917

Modified: 2020-04-09T19:16:57.810

Link: CVE-2020-1988

cve-icon Redhat

No data.