CVE-2020-2032 - Vulnerability Details - OpenCVE

A race condition vulnerability Palo Alto Networks GlobalProtect app on Windows allows a local limited Windows user to execute programs with SYSTEM privileges. This issue can be exploited only while performing a GlobalProtect app upgrade. This issue affects: GlobalProtect app 5.0 versions earlier than GlobalProtect app 5.0.10 on Windows; GlobalProtect app 5.1 versions earlier than GlobalProtect app 5.1.4 on Windows.

No CVSS v4.0

Attack Vector Local

Attack Complexity High

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Local

Access Complexity Medium

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

This CVE is not in the KEV list.

The EPSS score is 0.00098.

Key SSVC decision points have not yet been added.

Vendors	Products
Paloaltonetworks	Globalprotect

Configuration 1 [-]

OR	cpe:2.3:a:paloaltonetworks:globalprotect::::::windows::*
	cpe:2.3:a:paloaltonetworks:globalprotect::::::windows::*

No data.

No data.

Fixes

Solution

This issue is fixed in GlobalProtect app 5.0.10, GlobalProtect app 5.1.4, and all later GlobalProtect app versions.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://security.paloaltonetworks.com/CVE-2020-2032

History

No history.

MITRE

Status: PUBLISHED

Assigner: palo_alto

Published: 2020-06-10T17:29:03.167538Z

Updated: 2024-09-17T02:27:10.850Z

Reserved: 2019-12-04T00:00:00

Link: CVE-2020-2032

Vulnrichment

No data.

NVD

Status : Modified

Published: 2020-06-10T18:15:11.780

Modified: 2024-11-21T05:24:30.247

Link: CVE-2020-2032

Redhat

No data.

OpenCVE Enrichment

No data.

{"containers": {"cna": {"affected": [{"platforms": ["Windows"], "product": "GlobalProtect App", "vendor": "Palo Alto Networks", "versions": [{"changes": [{"at": "5.1.4", "status": "unaffected"}], "lessThan": "5.1.4", "status": "affected", "version": "5.1", "versionType": "custom"}, {"changes": [{"at": "5.0.10", "status": "unaffected"}], "lessThan": "5.0.10", "status": "affected", "version": "5.0", "versionType": "custom"}]}], "credits": [{"lang": "en", "value": "Palo Alto Networks thanks Rich Mirch of TeamARES from Critical Start Inc for discovering and reporting this issue."}], "datePublic": "2020-06-10T00:00:00", "descriptions": [{"lang": "en", "value": "A race condition vulnerability Palo Alto Networks GlobalProtect app on Windows allows a local limited Windows user to execute programs with SYSTEM privileges. This issue can be exploited only while performing a GlobalProtect app upgrade. This issue affects: GlobalProtect app 5.0 versions earlier than GlobalProtect app 5.0.10 on Windows; GlobalProtect app 5.1 versions earlier than GlobalProtect app 5.1.4 on Windows."}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-367", "description": "CWE-367 Time-of-check Time-of-use (TOCTOU) Race Condition", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2020-06-10T17:29:03", "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0", "shortName": "palo_alto"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://security.paloaltonetworks.com/CVE-2020-2032"}], "solutions": [{"lang": "en", "value": "This issue is fixed in GlobalProtect app 5.0.10, GlobalProtect app 5.1.4, and all later GlobalProtect app versions."}], "source": {"defect": ["GPC-10583"], "discovery": "EXTERNAL"}, "timeline": [{"lang": "en", "time": "2020-06-10T00:00:00", "value": "Initial publication"}], "title": "GlobalProtect App: File race condition vulnerability leads to local privilege escalation during upgrade", "x_generator": {"engine": "Vulnogram 0.0.9"}, "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@paloaltonetworks.com", "DATE_PUBLIC": "2020-06-10T16:00:00.000Z", "ID": "CVE-2020-2032", "STATE": "PUBLIC", "TITLE": "GlobalProtect App: File race condition vulnerability leads to local privilege escalation during upgrade"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "GlobalProtect App", "version": {"version_data": [{"platform": "Windows", "version_affected": "<", "version_name": "5.1", "version_value": "5.1.4"}, {"platform": "Windows", "version_affected": "!>=", "version_name": "5.1", "version_value": "5.1.4"}, {"platform": "Windows", "version_affected": "<", "version_name": "5.0", "version_value": "5.0.10"}, {"platform": "Windows", "version_affected": "!>=", "version_name": "5.0", "version_value": "5.0.10"}]}}]}, "vendor_name": "Palo Alto Networks"}]}}, "credit": [{"lang": "eng", "value": "Palo Alto Networks thanks Rich Mirch of TeamARES from Critical Start Inc for discovering and reporting this issue."}], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A race condition vulnerability Palo Alto Networks GlobalProtect app on Windows allows a local limited Windows user to execute programs with SYSTEM privileges. This issue can be exploited only while performing a GlobalProtect app upgrade. This issue affects: GlobalProtect app 5.0 versions earlier than GlobalProtect app 5.0.10 on Windows; GlobalProtect app 5.1 versions earlier than GlobalProtect app 5.1.4 on Windows."}]}, "generator": {"engine": "Vulnogram 0.0.9"}, "impact": {"cvss": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-367 Time-of-check Time-of-use (TOCTOU) Race Condition"}]}]}, "references": {"reference_data": [{"name": "https://security.paloaltonetworks.com/CVE-2020-2032", "refsource": "MISC", "url": "https://security.paloaltonetworks.com/CVE-2020-2032"}]}, "solution": [{"lang": "en", "value": "This issue is fixed in GlobalProtect app 5.0.10, GlobalProtect app 5.1.4, and all later GlobalProtect app versions."}], "source": {"defect": ["GPC-10583"], "discovery": "EXTERNAL"}, "timeline": [{"lang": "en", "time": "2020-06-10T00:00:00", "value": "Initial publication"}]}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T06:54:00.590Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://security.paloaltonetworks.com/CVE-2020-2032"}]}]}, "cveMetadata": {"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0", "assignerShortName": "palo_alto", "cveId": "CVE-2020-2032", "datePublished": "2020-06-10T17:29:03.167538Z", "dateReserved": "2019-12-04T00:00:00", "dateUpdated": "2024-09-17T02:27:10.850Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:paloaltonetworks:globalprotect:*:*:*:*:*:windows:*:*", "matchCriteriaId": "2D325D3A-D857-4528-A6CC-0E8142A38C58", "versionEndExcluding": "5.0.10", "versionStartIncluding": "5.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:paloaltonetworks:globalprotect:*:*:*:*:*:windows:*:*", "matchCriteriaId": "5BF3D585-3F87-492B-8CE9-54122A2D228A", "versionEndExcluding": "5.1.4", "versionStartIncluding": "5.1.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "A race condition vulnerability Palo Alto Networks GlobalProtect app on Windows allows a local limited Windows user to execute programs with SYSTEM privileges. This issue can be exploited only while performing a GlobalProtect app upgrade. This issue affects: GlobalProtect app 5.0 versions earlier than GlobalProtect app 5.0.10 on Windows; GlobalProtect app 5.1 versions earlier than GlobalProtect app 5.1.4 on Windows."}, {"lang": "es", "value": "Una vulnerabilidad de condici\u00f3n de carrera en la aplicaci\u00f3n GlobalProtect de Palo Alto Networks en Windows, permite a un usuario local limitado de Windows ejecutar programas con privilegios SYSTEM. Este problema solo puede ser explotado mientras se realiza una actualizaci\u00f3n de la aplicaci\u00f3n GlobalProtect. Este problema afecta a: la aplicaci\u00f3n GlobalProtect versiones 5.0 anteriores a la aplicaci\u00f3n GlobalProtect versi\u00f3n 5.0.10 en Windows; La aplicaci\u00f3n GlobalProtect versiones 5.1 anteriores a la aplicaci\u00f3n GlobalProtect versi\u00f3n 5.1.4 en Windows"}], "id": "CVE-2020-2032", "lastModified": "2024-11-21T05:24:30.247", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 6.9, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 3.4, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.0, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.0, "impactScore": 5.9, "source": "psirt@paloaltonetworks.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.0, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.0, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2020-06-10T18:15:11.780", "references": [{"source": "psirt@paloaltonetworks.com", "tags": ["Vendor Advisory"], "url": "https://security.paloaltonetworks.com/CVE-2020-2032"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://security.paloaltonetworks.com/CVE-2020-2032"}], "sourceIdentifier": "psirt@paloaltonetworks.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-367"}], "source": "psirt@paloaltonetworks.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-367"}], "source": "nvd@nist.gov", "type": "Primary"}]}