{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-9473", "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0", "state": "PUBLISHED", "assignerShortName": "palo_alto", "dateReserved": "2024-10-03T11:35:19.552Z", "datePublished": "2024-10-09T17:07:00.981Z", "dateUpdated": "2024-10-18T11:59:17.267Z"}, "containers": {"cna": {"affected": [{"cpes": ["cpe:2.3:a:paloaltonetworks:globalprotect_app:6.3.1:-:*:*:*:*:*:*", "cpe:2.3:a:paloaltonetworks:globalprotect_app:6.3.0:-:*:*:*:*:*:*", "cpe:2.3:a:paloaltonetworks:globalprotect_app:6.2.4:-:*:*:*:*:*:*", "cpe:2.3:a:paloaltonetworks:globalprotect_app:6.2.3:-:*:*:*:*:*:*", "cpe:2.3:a:paloaltonetworks:globalprotect_app:6.2.2:-:*:*:*:*:*:*", "cpe:2.3:a:paloaltonetworks:globalprotect_app:6.2.1:-:*:*:*:*:*:*", "cpe:2.3:a:paloaltonetworks:globalprotect_app:6.2.0:-:*:*:*:*:*:*", "cpe:2.3:a:paloaltonetworks:globalprotect_app:6.2:-:*:*:*:*:*:*", "cpe:2.3:a:paloaltonetworks:globalprotect_app:6.1.5:-:*:*:*:*:*:*", "cpe:2.3:a:paloaltonetworks:globalprotect_app:6.1.4:-:*:*:*:*:*:*", "cpe:2.3:a:paloaltonetworks:globalprotect_app:6.1.3:-:*:*:*:*:*:*", "cpe:2.3:a:paloaltonetworks:globalprotect_app:6.1.2:-:*:*:*:*:*:*", "cpe:2.3:a:paloaltonetworks:globalprotect_app:6.1.1:-:*:*:*:*:*:*", "cpe:2.3:a:paloaltonetworks:globalprotect_app:6.1.0:-:*:*:*:*:*:*", "cpe:2.3:a:paloaltonetworks:globalprotect_app:6.1:-:*:*:*:*:*:*", "cpe:2.3:a:paloaltonetworks:globalprotect_app:6.0.10:-:*:*:*:*:*:*", "cpe:2.3:a:paloaltonetworks:globalprotect_app:6.0.8:-:*:*:*:*:*:*", "cpe:2.3:a:paloaltonetworks:globalprotect_app:6.0.7:-:*:*:*:*:*:*", "cpe:2.3:a:paloaltonetworks:globalprotect_app:6.0.6:-:*:*:*:*:*:*", "cpe:2.3:a:paloaltonetworks:globalprotect_app:6.0.5:-:*:*:*:*:*:*", "cpe:2.3:a:paloaltonetworks:globalprotect_app:6.0.4:-:*:*:*:*:*:*", "cpe:2.3:a:paloaltonetworks:globalprotect_app:6.0.3:-:*:*:*:*:*:*", "cpe:2.3:a:paloaltonetworks:globalprotect_app:6.0.2:-:*:*:*:*:*:*", "cpe:2.3:a:paloaltonetworks:globalprotect_app:6.0.1:-:*:*:*:*:*:*", "cpe:2.3:a:paloaltonetworks:globalprotect_app:6.0.0:-:*:*:*:*:*:*", "cpe:2.3:a:paloaltonetworks:globalprotect_app:6.0:-:*:*:*:*:*:*", "cpe:2.3:a:paloaltonetworks:globalprotect_app:5.1.12:-:*:*:*:*:*:*", "cpe:2.3:a:paloaltonetworks:globalprotect_app:5.1.11:-:*:*:*:*:*:*", "cpe:2.3:a:paloaltonetworks:globalprotect_app:5.1.10:-:*:*:*:*:*:*", "cpe:2.3:a:paloaltonetworks:globalprotect_app:5.1.9:-:*:*:*:*:*:*", "cpe:2.3:a:paloaltonetworks:globalprotect_app:5.1.8:-:*:*:*:*:*:*", "cpe:2.3:a:paloaltonetworks:globalprotect_app:5.1.7:-:*:*:*:*:*:*", "cpe:2.3:a:paloaltonetworks:globalprotect_app:5.1.6:-:*:*:*:*:*:*", "cpe:2.3:a:paloaltonetworks:globalprotect_app:5.1.5:-:*:*:*:*:*:*", "cpe:2.3:a:paloaltonetworks:globalprotect_app:5.1.4:-:*:*:*:*:*:*", "cpe:2.3:a:paloaltonetworks:globalprotect_app:5.1.3:-:*:*:*:*:*:*", "cpe:2.3:a:paloaltonetworks:globalprotect_app:5.1.2:-:*:*:*:*:*:*", "cpe:2.3:a:paloaltonetworks:globalprotect_app:5.1.1:-:*:*:*:*:*:*", "cpe:2.3:a:paloaltonetworks:globalprotect_app:5.1.0:-:*:*:*:*:*:*", "cpe:2.3:a:paloaltonetworks:globalprotect_app:5.1:-:*:*:*:*:*:*"], "defaultStatus": "unaffected", "platforms": ["Windows"], "product": "GlobalProtect App", "vendor": "Palo Alto Networks", "versions": [{"status": "affected", "version": "5.1"}, {"status": "affected", "version": "6.0"}, {"status": "affected", "version": "6.1"}, {"changes": [{"at": "6.2.5", "status": "unaffected"}], "lessThan": "6.2.5", "status": "affected", "version": "6.2.0", "versionType": "custom"}, {"status": "affected", "version": "6.3"}]}], "credits": [{"lang": "en", "type": "finder", "value": "Michael Baer of SEC Consult Vulnerability Lab"}, {"lang": "en", "type": "finder", "value": "Marc Barrantes of KPMG Spain"}], "datePublic": "2024-10-09T16:00:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "A privilege escalation vulnerability in the Palo Alto Networks GlobalProtect app on Windows allows a locally authenticated non-administrative Windows user to escalate their privileges to NT AUTHORITY/SYSTEM through the use of the repair functionality offered by the .msi file used to install GlobalProtect."}], "value": "A privilege escalation vulnerability in the Palo Alto Networks GlobalProtect app on Windows allows a locally authenticated non-administrative Windows user to escalate their privileges to NT AUTHORITY/SYSTEM through the use of the repair functionality offered by the .msi file used to install GlobalProtect."}], "exploits": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue. However, a proof of concept for this issue is publicly available.<br>"}], "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue. However, a proof of concept for this issue is publicly available."}], "impacts": [{"capecId": "CAPEC-233", "descriptions": [{"lang": "en", "value": "CAPEC-233 Privilege Escalation"}]}], "metrics": [{"cvssV4_0": {"Automatable": "NO", "Recovery": "USER", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "PRESENT", "attackVector": "LOCAL", "baseScore": 5.2, "baseSeverity": "MEDIUM", "privilegesRequired": "LOW", "providerUrgency": "AMBER", "subAvailabilityImpact": "HIGH", "subConfidentialityImpact": "HIGH", "subIntegrityImpact": "HIGH", "userInteraction": "NONE", "valueDensity": "CONCENTRATED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:N/SC:H/SI:H/SA:H/AU:N/R:U/V:C/RE:M/U:Amber", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "LOW", "vulnerabilityResponseEffort": "MODERATE"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-250", "description": "CWE-250 Execution with Unnecessary Privileges", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0", "shortName": "palo_alto", "dateUpdated": "2024-10-18T11:59:17.267Z"}, "references": [{"tags": ["vendor-advisory"], "url": "https://security.paloaltonetworks.com/CVE-2024-9473"}, {"tags": ["third-party-advisory", "exploit"], "url": "https://sec-consult.com/vulnerability-lab/advisory/local-privilege-escalation-via-msi-installer-in-palo-alto-networks-globalprotect/"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "This issue is fixed in GlobalProtect app 6.2.5, and will be fixed in the remaining supported versions of GlobalProtect app listed in the Product Status section. Updates will be published to this advisory as they become available.<br><br>Customers who want to upgrade should reach out to customer support at <a target=\"_blank\" rel=\"nofollow\" href=\"https://support.paloaltonetworks.com\">https://support.paloaltonetworks.com</a>.<br>"}], "value": "This issue is fixed in GlobalProtect app 6.2.5, and will be fixed in the remaining supported versions of GlobalProtect app listed in the Product Status section. Updates will be published to this advisory as they become available.\n\nCustomers who want to upgrade should reach out to customer support at https://support.paloaltonetworks.com ."}], "source": {"defect": ["GPC-19493", "GPC-21211"], "discovery": "EXTERNAL"}, "timeline": [{"lang": "en", "time": "2024-10-09T16:00:00.000Z", "value": "Initial publication"}], "title": "GlobalProtect App: Local Privilege Escalation (PE) Vulnerability", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"affected": [{"vendor": "paloaltonetworks", "product": "globalprotect", "cpes": ["cpe:2.3:a:paloaltonetworks:globalprotect:5.1.0:*:*:*:*:windows:*:*"], "defaultStatus": "unaffected", "versions": [{"version": "5.1.0", "status": "affected"}]}, {"vendor": "paloaltonetworks", "product": "globalprotect", "cpes": ["cpe:2.3:a:paloaltonetworks:globalprotect:6.0.0:*:*:*:*:windows:*:*"], "defaultStatus": "unaffected", "versions": [{"version": "6.0.0", "status": "affected"}]}, {"vendor": "paloaltonetworks", "product": "globalprotect", "cpes": ["cpe:2.3:a:paloaltonetworks:globalprotect:6.1.0:*:*:*:*:windows:*:*"], "defaultStatus": "unaffected", "versions": [{"version": "6.1.0", "status": "affected"}]}, {"vendor": "paloaltonetworks", "product": "globalprotect", "cpes": ["cpe:2.3:a:paloaltonetworks:globalprotect:6.3.0:*:*:*:*:windows:*:*"], "defaultStatus": "unaffected", "versions": [{"version": "6.3.0", "status": "affected"}]}, {"vendor": "paloaltonetworks", "product": "globalprotect", "cpes": ["cpe:2.3:a:paloaltonetworks:globalprotect:*:*:*:*:*:windows:*:*"], "defaultStatus": "unaffected", "versions": [{"version": "6.2.0", "status": "affected", "lessThan": "6.2.5", "versionType": "custom"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-10-15T12:53:19.159087Z", "id": "CVE-2024-9473", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-10-15T13:00:52.468Z"}}, {"title": "CVE Program Container", "references": [{"url": "http://seclists.org/fulldisclosure/2024/Oct/2"}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-10-10T06:03:45.155Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "http://seclists.org/fulldisclosure/2024/Oct/2"}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-10-10T06:03:45.155Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-9473", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-10-15T12:53:19.159087Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:paloaltonetworks:globalprotect:5.1.0:*:*:*:*:windows:*:*"], "vendor": "paloaltonetworks", "product": "globalprotect", "versions": [{"status": "affected", "version": "5.1.0"}], "defaultStatus": "unaffected"}, {"cpes": ["cpe:2.3:a:paloaltonetworks:globalprotect:6.0.0:*:*:*:*:windows:*:*"], "vendor": "paloaltonetworks", "product": "globalprotect", "versions": [{"status": "affected", "version": "6.0.0"}], "defaultStatus": "unaffected"}, {"cpes": ["cpe:2.3:a:paloaltonetworks:globalprotect:6.1.0:*:*:*:*:windows:*:*"], "vendor": "paloaltonetworks", "product": "globalprotect", "versions": [{"status": "affected", "version": "6.1.0"}], "defaultStatus": "unaffected"}, {"cpes": ["cpe:2.3:a:paloaltonetworks:globalprotect:6.3.0:*:*:*:*:windows:*:*"], "vendor": "paloaltonetworks", "product": "globalprotect", "versions": [{"status": "affected", "version": "6.3.0"}], "defaultStatus": "unaffected"}, {"cpes": ["cpe:2.3:a:paloaltonetworks:globalprotect:*:*:*:*:*:windows:*:*"], "vendor": "paloaltonetworks", "product": "globalprotect", "versions": [{"status": "affected", "version": "6.2.0", "lessThan": "6.2.5", "versionType": "custom"}], "defaultStatus": "unaffected"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-10-09T17:38:06.377Z"}}], "cna": {"title": "GlobalProtect App: Local Privilege Escalation (PE) Vulnerability", "source": {"defect": ["GPC-19493", "GPC-21211"], "discovery": "EXTERNAL"}, "credits": [{"lang": "en", "type": "finder", "value": "Michael Baer of SEC Consult Vulnerability Lab"}, {"lang": "en", "type": "finder", "value": "Marc Barrantes of KPMG Spain"}], "impacts": [{"capecId": "CAPEC-233", "descriptions": [{"lang": "en", "value": "CAPEC-233 Privilege Escalation"}]}], "metrics": [{"format": "CVSS", "cvssV4_0": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "USER", "baseScore": 5.2, "Automatable": "NO", "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "valueDensity": "CONCENTRATED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:N/SC:H/SI:H/SA:H/AU:N/R:U/V:C/RE:M/U:Amber", "providerUrgency": "AMBER", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "PRESENT", "privilegesRequired": "LOW", "subIntegrityImpact": "HIGH", "vulnIntegrityImpact": "LOW", "subAvailabilityImpact": "HIGH", "vulnAvailabilityImpact": "NONE", "subConfidentialityImpact": "HIGH", "vulnConfidentialityImpact": "NONE", "vulnerabilityResponseEffort": "MODERATE"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"cpes": ["cpe:2.3:a:paloaltonetworks:globalprotect_app:6.3.1:-:*:*:*:*:*:*", "cpe:2.3:a:paloaltonetworks:globalprotect_app:6.3.0:-:*:*:*:*:*:*", "cpe:2.3:a:paloaltonetworks:globalprotect_app:6.2.4:-:*:*:*:*:*:*", "cpe:2.3:a:paloaltonetworks:globalprotect_app:6.2.3:-:*:*:*:*:*:*", "cpe:2.3:a:paloaltonetworks:globalprotect_app:6.2.2:-:*:*:*:*:*:*", "cpe:2.3:a:paloaltonetworks:globalprotect_app:6.2.1:-:*:*:*:*:*:*", "cpe:2.3:a:paloaltonetworks:globalprotect_app:6.2.0:-:*:*:*:*:*:*", "cpe:2.3:a:paloaltonetworks:globalprotect_app:6.2:-:*:*:*:*:*:*", "cpe:2.3:a:paloaltonetworks:globalprotect_app:6.1.5:-:*:*:*:*:*:*", "cpe:2.3:a:paloaltonetworks:globalprotect_app:6.1.4:-:*:*:*:*:*:*", "cpe:2.3:a:paloaltonetworks:globalprotect_app:6.1.3:-:*:*:*:*:*:*", "cpe:2.3:a:paloaltonetworks:globalprotect_app:6.1.2:-:*:*:*:*:*:*", "cpe:2.3:a:paloaltonetworks:globalprotect_app:6.1.1:-:*:*:*:*:*:*", "cpe:2.3:a:paloaltonetworks:globalprotect_app:6.1.0:-:*:*:*:*:*:*", "cpe:2.3:a:paloaltonetworks:globalprotect_app:6.1:-:*:*:*:*:*:*", "cpe:2.3:a:paloaltonetworks:globalprotect_app:6.0.10:-:*:*:*:*:*:*", "cpe:2.3:a:paloaltonetworks:globalprotect_app:6.0.8:-:*:*:*:*:*:*", "cpe:2.3:a:paloaltonetworks:globalprotect_app:6.0.7:-:*:*:*:*:*:*", "cpe:2.3:a:paloaltonetworks:globalprotect_app:6.0.6:-:*:*:*:*:*:*", "cpe:2.3:a:paloaltonetworks:globalprotect_app:6.0.5:-:*:*:*:*:*:*", "cpe:2.3:a:paloaltonetworks:globalprotect_app:6.0.4:-:*:*:*:*:*:*", "cpe:2.3:a:paloaltonetworks:globalprotect_app:6.0.3:-:*:*:*:*:*:*", "cpe:2.3:a:paloaltonetworks:globalprotect_app:6.0.2:-:*:*:*:*:*:*", "cpe:2.3:a:paloaltonetworks:globalprotect_app:6.0.1:-:*:*:*:*:*:*", "cpe:2.3:a:paloaltonetworks:globalprotect_app:6.0.0:-:*:*:*:*:*:*", "cpe:2.3:a:paloaltonetworks:globalprotect_app:6.0:-:*:*:*:*:*:*", "cpe:2.3:a:paloaltonetworks:globalprotect_app:5.1.12:-:*:*:*:*:*:*", "cpe:2.3:a:paloaltonetworks:globalprotect_app:5.1.11:-:*:*:*:*:*:*", "cpe:2.3:a:paloaltonetworks:globalprotect_app:5.1.10:-:*:*:*:*:*:*", "cpe:2.3:a:paloaltonetworks:globalprotect_app:5.1.9:-:*:*:*:*:*:*", "cpe:2.3:a:paloaltonetworks:globalprotect_app:5.1.8:-:*:*:*:*:*:*", "cpe:2.3:a:paloaltonetworks:globalprotect_app:5.1.7:-:*:*:*:*:*:*", "cpe:2.3:a:paloaltonetworks:globalprotect_app:5.1.6:-:*:*:*:*:*:*", "cpe:2.3:a:paloaltonetworks:globalprotect_app:5.1.5:-:*:*:*:*:*:*", "cpe:2.3:a:paloaltonetworks:globalprotect_app:5.1.4:-:*:*:*:*:*:*", "cpe:2.3:a:paloaltonetworks:globalprotect_app:5.1.3:-:*:*:*:*:*:*", "cpe:2.3:a:paloaltonetworks:globalprotect_app:5.1.2:-:*:*:*:*:*:*", "cpe:2.3:a:paloaltonetworks:globalprotect_app:5.1.1:-:*:*:*:*:*:*", "cpe:2.3:a:paloaltonetworks:globalprotect_app:5.1.0:-:*:*:*:*:*:*", "cpe:2.3:a:paloaltonetworks:globalprotect_app:5.1:-:*:*:*:*:*:*"], "vendor": "Palo Alto Networks", "product": "GlobalProtect App", "versions": [{"status": "affected", "version": "5.1"}, {"status": "affected", "version": "6.0"}, {"status": "affected", "version": "6.1"}, {"status": "affected", "changes": [{"at": "6.2.5", "status": "unaffected"}], "version": "6.2.0", "lessThan": "6.2.5", "versionType": "custom"}, {"status": "affected", "version": "6.3"}], "platforms": ["Windows"], "defaultStatus": "unaffected"}], "exploits": [{"lang": "en", "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue. However, a proof of concept for this issue is publicly available.", "supportingMedia": [{"type": "text/html", "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue. However, a proof of concept for this issue is publicly available.<br>", "base64": false}]}], "timeline": [{"lang": "en", "time": "2024-10-09T16:00:00.000Z", "value": "Initial publication"}], "solutions": [{"lang": "en", "value": "This issue is fixed in GlobalProtect app 6.2.5, and will be fixed in the remaining supported versions of GlobalProtect app listed in the Product Status section. Updates will be published to this advisory as they become available.\n\nCustomers who want to upgrade should reach out to customer support at https://support.paloaltonetworks.com .", "supportingMedia": [{"type": "text/html", "value": "This issue is fixed in GlobalProtect app 6.2.5, and will be fixed in the remaining supported versions of GlobalProtect app listed in the Product Status section. Updates will be published to this advisory as they become available.<br><br>Customers who want to upgrade should reach out to customer support at <a target=\"_blank\" rel=\"nofollow\" href=\"https://support.paloaltonetworks.com\">https://support.paloaltonetworks.com</a>.<br>", "base64": false}]}], "datePublic": "2024-10-09T16:00:00.000Z", "references": [{"url": "https://security.paloaltonetworks.com/CVE-2024-9473", "tags": ["vendor-advisory"]}, {"url": "https://sec-consult.com/vulnerability-lab/advisory/local-privilege-escalation-via-msi-installer-in-palo-alto-networks-globalprotect/", "tags": ["third-party-advisory", "exploit"]}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}, "descriptions": [{"lang": "en", "value": "A privilege escalation vulnerability in the Palo Alto Networks GlobalProtect app on Windows allows a locally authenticated non-administrative Windows user to escalate their privileges to NT AUTHORITY/SYSTEM through the use of the repair functionality offered by the .msi file used to install GlobalProtect.", "supportingMedia": [{"type": "text/html", "value": "A privilege escalation vulnerability in the Palo Alto Networks GlobalProtect app on Windows allows a locally authenticated non-administrative Windows user to escalate their privileges to NT AUTHORITY/SYSTEM through the use of the repair functionality offered by the .msi file used to install GlobalProtect.", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-250", "description": "CWE-250 Execution with Unnecessary Privileges"}]}], "providerMetadata": {"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0", "shortName": "palo_alto", "dateUpdated": "2024-10-18T11:59:17.267Z"}}}, "cveMetadata": {"cveId": "CVE-2024-9473", "state": "PUBLISHED", "dateUpdated": "2024-10-18T11:59:17.267Z", "dateReserved": "2024-10-03T11:35:19.552Z", "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0", "datePublished": "2024-10-09T17:07:00.981Z", "assignerShortName": "palo_alto"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:paloaltonetworks:globalprotect:*:*:*:*:*:windows:*:*", "matchCriteriaId": "7E2CBAA4-7E71-4769-BBD6-6AF13714E565", "versionEndExcluding": "6.2.5", "versionStartIncluding": "5.1", "vulnerable": true}, {"criteria": "cpe:2.3:a:paloaltonetworks:globalprotect:6.3.0:*:*:*:*:windows:*:*", "matchCriteriaId": "CF300947-06F7-4027-B57A-1F3388233670", "vulnerable": true}, {"criteria": "cpe:2.3:a:paloaltonetworks:globalprotect:6.3.1:*:*:*:*:windows:*:*", "matchCriteriaId": "11061375-2C2C-47B4-A3ED-B1DA70F96642", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "A privilege escalation vulnerability in the Palo Alto Networks GlobalProtect app on Windows allows a locally authenticated non-administrative Windows user to escalate their privileges to NT AUTHORITY/SYSTEM through the use of the repair functionality offered by the .msi file used to install GlobalProtect."}, {"lang": "es", "value": "Una vulnerabilidad de escalada de privilegios en la aplicaci\u00f3n Palo Alto Networks GlobalProtect en Windows permite que un usuario de Windows no administrativo autenticado localmente escale sus privilegios a NT AUTHORITY/SYSTEM mediante el uso de la funcionalidad de reparaci\u00f3n ofrecida por el archivo .msi utilizado para instalar GlobalProtect."}], "id": "CVE-2024-9473", "lastModified": "2024-11-21T09:54:26.150", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"attackComplexity": "LOW", "attackRequirements": "PRESENT", "attackVector": "LOCAL", "automatable": "NO", "availabilityRequirements": "NOT_DEFINED", "baseScore": 5.2, "baseSeverity": "MEDIUM", "confidentialityRequirements": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirements": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubsequentSystemAvailability": "NOT_DEFINED", "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnerableSystemAvailability": "NOT_DEFINED", "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", "privilegesRequired": "LOW", "providerUrgency": "AMBER", "recovery": "USER", "safety": "NOT_DEFINED", "subsequentSystemAvailability": "HIGH", "subsequentSystemConfidentiality": "HIGH", "subsequentSystemIntegrity": "HIGH", "userInteraction": "NONE", "valueDensity": "CONCENTRATED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:N/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:U/V:C/RE:M/U:Amber", "version": "4.0", "vulnerabilityResponseEffort": "MODERATE", "vulnerableSystemAvailability": "NONE", "vulnerableSystemConfidentiality": "NONE", "vulnerableSystemIntegrity": "LOW"}, "source": "psirt@paloaltonetworks.com", "type": "Secondary"}]}, "published": "2024-10-09T17:15:21.230", "references": [{"source": "psirt@paloaltonetworks.com", "url": "https://sec-consult.com/vulnerability-lab/advisory/local-privilege-escalation-via-msi-installer-in-palo-alto-networks-globalprotect/"}, {"source": "psirt@paloaltonetworks.com", "tags": ["Vendor Advisory"], "url": "https://security.paloaltonetworks.com/CVE-2024-9473"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://seclists.org/fulldisclosure/2024/Oct/2"}], "sourceIdentifier": "psirt@paloaltonetworks.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-250"}], "source": "psirt@paloaltonetworks.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}