{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-2179", "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0", "state": "PUBLISHED", "assignerShortName": "palo_alto", "dateReserved": "2025-03-10T17:56:18.225Z", "datePublished": "2025-07-29T17:15:08.461Z", "dateUpdated": "2025-07-29T17:37:23.305Z"}, "containers": {"cna": {"affected": [{"cpes": ["cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.8:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.7:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.6:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.4:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.3:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.2:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.1:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.0:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.7:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.6:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.5:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.4:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.3:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.2:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.1:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.0:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.11:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.10:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.8:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.7:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.6:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.5:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.4:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.3:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.2:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.1:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.0:*:*:*:*:Linux:*:*"], "defaultStatus": "unaffected", "platforms": ["Linux"], "product": "GlobalProtect App", "vendor": "Palo Alto Networks", "versions": [{"changes": [{"at": "6.2.9", "status": "unaffected"}], "lessThan": "6.2.9", "status": "affected", "version": "6.2.0", "versionType": "custom"}, {"status": "affected", "version": "6.1.0", "versionType": "custom"}, {"status": "affected", "version": "6.0.0", "versionType": "custom"}]}, {"defaultStatus": "unaffected", "platforms": ["Android", "Chrome OS", "iOS", "Windows", "macOS"], "product": "GlobalProtect App", "vendor": "Palo Alto Networks", "versions": [{"status": "unaffected", "version": "All", "versionType": "custom"}]}, {"defaultStatus": "unaffected", "product": "GlobalProtect UWP App", "vendor": "Palo Alto Networks", "versions": [{"status": "unaffected", "version": "All", "versionType": "custom"}]}], "configurations": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>You are vulnerable to this issue if you have GlobalProtect configured with both of the following configurations:</p><p></p><ol><li>Connect method set to 'Every time the user logs on to the machine (Always On)'</li><li>'Allow User to Disable GlobalProtect' set to either Disallow or 'Allow with Passcode'</li></ol><p></p><p>You can verify if these configurations are enabled by either</p><ol><li>Navigating to GlobalProtect &gt; App Settings - GlobalProtect on the Strata Cloud Manager OR</li><li>Navigating to Network &gt; GlobalProtect &gt; Portals &gt; Agent on Panorama or PAN-OS management web interface for directly-managed devices.</li></ol>"}], "value": "You are vulnerable to this issue if you have GlobalProtect configured with both of the following configurations:\n\n\n\n * Connect method set to 'Every time the user logs on to the machine (Always On)'\n * 'Allow User to Disable GlobalProtect' set to either Disallow or 'Allow with Passcode'\n\n\nYou can verify if these configurations are enabled by either\n\n * Navigating to GlobalProtect > App Settings - GlobalProtect on the Strata Cloud Manager OR\n * Navigating to Network > GlobalProtect > Portals > Agent on Panorama or PAN-OS management web interface for directly-managed devices."}], "credits": [{"lang": "en", "type": "finder", "value": "Alex Bourla"}, {"lang": "en", "type": "finder", "value": "Graham Brereton (graham.brereton@form3.tech)"}], "datePublic": "2025-07-28T21:30:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "An incorrect privilege assignment vulnerability in the Palo Alto Networks GlobalProtect\u2122 App on Linux devices enables a locally authenticated non administrative user to disable the app even if the GlobalProtect app configuration would not normally permit them to do so.<br><br>The GlobalProtect app on Windows, macOS, iOS, Android, Chrome OS and GlobalProtect UWP app are not affected."}], "value": "An incorrect privilege assignment vulnerability in the Palo Alto Networks GlobalProtect\u2122 App on Linux devices enables a locally authenticated non administrative user to disable the app even if the GlobalProtect app configuration would not normally permit them to do so.\n\nThe GlobalProtect app on Windows, macOS, iOS, Android, Chrome OS and GlobalProtect UWP app are not affected."}], "exploits": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."}], "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."}], "impacts": [{"capecId": "CAPEC-578", "descriptions": [{"lang": "en", "value": "CAPEC-578 Disable Security Software"}]}], "metrics": [{"cvssV4_0": {"Automatable": "NO", "Recovery": "USER", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "LOCAL", "baseScore": 6.8, "baseSeverity": "MEDIUM", "privilegesRequired": "LOW", "providerUrgency": "AMBER", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "DIFFUSE", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/AU:N/R:U/V:D/RE:M/U:Amber", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "MODERATE"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-266", "description": "CWE-266: Incorrect Privilege Assignment", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0", "shortName": "palo_alto", "dateUpdated": "2025-07-29T17:15:08.461Z"}, "references": [{"tags": ["vendor-advisory"], "url": "https://security.paloaltonetworks.com/CVE-2025-2179"}], "solutions": [{"lang": "eng", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<table class=\"tbl\"><thead><tr><th>Version<br></th><th>Minor Version<br></th><th>Suggested Solution<br></th></tr></thead><tbody><tr>\n <td>GlobalProtect App 6.2 on Linux<br></td>\n <td>6.2.0 through 6.2.8</td>\n <td>Upgrade to 6.2.9 or later.</td>\n </tr><tr><td>GlobalProtect App 6.1 on Linux</td><td></td><td>Upgrade to 6.2.9 or later.</td></tr><tr><td>GlobalProtect App 6.0 on Linux</td><td></td><td>Upgrade to 6.2.9 or later.</td></tr><tr><td>GlobalProtect App on Android, ChromeOS, iOS, macOS, Windows<br></td><td></td><td>No action needed.</td></tr></tbody></table>"}], "value": "Version\nMinor Version\nSuggested Solution\n\n GlobalProtect App 6.2 on Linux\n\n 6.2.0 through 6.2.8\n Upgrade to 6.2.9 or later.\n GlobalProtect App 6.1 on LinuxUpgrade to 6.2.9 or later.GlobalProtect App 6.0 on LinuxUpgrade to 6.2.9 or later.GlobalProtect App on Android, ChromeOS, iOS, macOS, Windows\nNo action needed."}], "source": {"defect": ["GPC-21751"], "discovery": "EXTERNAL"}, "timeline": [{"lang": "en", "time": "2025-07-28T19:00:00.000Z", "value": "Initial Publication"}], "title": "GlobalProtect App: Non Admin User Can Disable the GlobalProtect App", "workarounds": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "No workaround or mitigation is available."}], "value": "No workaround or mitigation is available."}], "x_affectedList": ["GlobalProtect App 6.2.7", "GlobalProtect App 6.2.6", "GlobalProtect App 6.2.4", "GlobalProtect App 6.2.3", "GlobalProtect App 6.2.2", "GlobalProtect App 6.2.1", "GlobalProtect App 6.2.0", "GlobalProtect App 6.2", "GlobalProtect App 6.1.7", "GlobalProtect App 6.1.6", "GlobalProtect App 6.1.5", "GlobalProtect App 6.1.4", "GlobalProtect App 6.1.3", "GlobalProtect App 6.1.2", "GlobalProtect App 6.1.1", "GlobalProtect App 6.1.0", "GlobalProtect App 6.1", "GlobalProtect App 6.0.11", "GlobalProtect App 6.0.10", "GlobalProtect App 6.0.8", "GlobalProtect App 6.0.7", "GlobalProtect App 6.0.6", "GlobalProtect App 6.0.5", "GlobalProtect App 6.0.4", "GlobalProtect App 6.0.3", "GlobalProtect App 6.0.2", "GlobalProtect App 6.0.1", "GlobalProtect App 6.0.0", "GlobalProtect App 6.0"], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-07-29T17:37:10.712988Z", "id": "CVE-2025-2179", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-07-29T17:37:23.305Z"}}]}}

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-2179", "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0", "state": "PUBLISHED", "assignerShortName": "palo_alto", "dateReserved": "2025-03-10T17:56:18.225Z", "datePublished": "2025-07-29T17:15:08.461Z", "dateUpdated": "2025-07-29T17:37:23.305Z"}, "containers": {"cna": {"affected": [{"cpes": ["cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.8:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.7:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.6:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.4:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.3:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.2:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.1:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.0:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.7:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.6:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.5:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.4:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.3:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.2:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.1:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.0:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.11:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.10:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.8:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.7:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.6:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.5:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.4:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.3:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.2:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.1:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.0:*:*:*:*:Linux:*:*"], "defaultStatus": "unaffected", "platforms": ["Linux"], "product": "GlobalProtect App", "vendor": "Palo Alto Networks", "versions": [{"changes": [{"at": "6.2.9", "status": "unaffected"}], "lessThan": "6.2.9", "status": "affected", "version": "6.2.0", "versionType": "custom"}, {"status": "affected", "version": "6.1.0", "versionType": "custom"}, {"status": "affected", "version": "6.0.0", "versionType": "custom"}]}, {"defaultStatus": "unaffected", "platforms": ["Android", "Chrome OS", "iOS", "Windows", "macOS"], "product": "GlobalProtect App", "vendor": "Palo Alto Networks", "versions": [{"status": "unaffected", "version": "All", "versionType": "custom"}]}, {"defaultStatus": "unaffected", "product": "GlobalProtect UWP App", "vendor": "Palo Alto Networks", "versions": [{"status": "unaffected", "version": "All", "versionType": "custom"}]}], "configurations": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>You are vulnerable to this issue if you have GlobalProtect configured with both of the following configurations:</p><p></p><ol><li>Connect method set to 'Every time the user logs on to the machine (Always On)'</li><li>'Allow User to Disable GlobalProtect' set to either Disallow or 'Allow with Passcode'</li></ol><p></p><p>You can verify if these configurations are enabled by either</p><ol><li>Navigating to GlobalProtect &gt; App Settings - GlobalProtect on the Strata Cloud Manager OR</li><li>Navigating to Network &gt; GlobalProtect &gt; Portals &gt; Agent on Panorama or PAN-OS management web interface for directly-managed devices.</li></ol>"}], "value": "You are vulnerable to this issue if you have GlobalProtect configured with both of the following configurations:\n\n\n\n * Connect method set to 'Every time the user logs on to the machine (Always On)'\n * 'Allow User to Disable GlobalProtect' set to either Disallow or 'Allow with Passcode'\n\n\nYou can verify if these configurations are enabled by either\n\n * Navigating to GlobalProtect > App Settings - GlobalProtect on the Strata Cloud Manager OR\n * Navigating to Network > GlobalProtect > Portals > Agent on Panorama or PAN-OS management web interface for directly-managed devices."}], "credits": [{"lang": "en", "type": "finder", "value": "Alex Bourla"}, {"lang": "en", "type": "finder", "value": "Graham Brereton (graham.brereton@form3.tech)"}], "datePublic": "2025-07-28T21:30:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "An incorrect privilege assignment vulnerability in the Palo Alto Networks GlobalProtect\u2122 App on Linux devices enables a locally authenticated non administrative user to disable the app even if the GlobalProtect app configuration would not normally permit them to do so.<br><br>The GlobalProtect app on Windows, macOS, iOS, Android, Chrome OS and GlobalProtect UWP app are not affected."}], "value": "An incorrect privilege assignment vulnerability in the Palo Alto Networks GlobalProtect\u2122 App on Linux devices enables a locally authenticated non administrative user to disable the app even if the GlobalProtect app configuration would not normally permit them to do so.\n\nThe GlobalProtect app on Windows, macOS, iOS, Android, Chrome OS and GlobalProtect UWP app are not affected."}], "exploits": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."}], "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."}], "impacts": [{"capecId": "CAPEC-578", "descriptions": [{"lang": "en", "value": "CAPEC-578 Disable Security Software"}]}], "metrics": [{"cvssV4_0": {"Automatable": "NO", "Recovery": "USER", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "LOCAL", "baseScore": 6.8, "baseSeverity": "MEDIUM", "privilegesRequired": "LOW", "providerUrgency": "AMBER", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "DIFFUSE", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/AU:N/R:U/V:D/RE:M/U:Amber", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "MODERATE"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-266", "description": "CWE-266: Incorrect Privilege Assignment", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0", "shortName": "palo_alto", "dateUpdated": "2025-07-29T17:15:08.461Z"}, "references": [{"tags": ["vendor-advisory"], "url": "https://security.paloaltonetworks.com/CVE-2025-2179"}], "solutions": [{"lang": "eng", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<table class=\"tbl\"><thead><tr><th>Version<br></th><th>Minor Version<br></th><th>Suggested Solution<br></th></tr></thead><tbody><tr>\n <td>GlobalProtect App 6.2 on Linux<br></td>\n <td>6.2.0 through 6.2.8</td>\n <td>Upgrade to 6.2.9 or later.</td>\n </tr><tr><td>GlobalProtect App 6.1 on Linux</td><td></td><td>Upgrade to 6.2.9 or later.</td></tr><tr><td>GlobalProtect App 6.0 on Linux</td><td></td><td>Upgrade to 6.2.9 or later.</td></tr><tr><td>GlobalProtect App on Android, ChromeOS, iOS, macOS, Windows<br></td><td></td><td>No action needed.</td></tr></tbody></table>"}], "value": "Version\nMinor Version\nSuggested Solution\n\n GlobalProtect App 6.2 on Linux\n\n 6.2.0 through 6.2.8\n Upgrade to 6.2.9 or later.\n GlobalProtect App 6.1 on LinuxUpgrade to 6.2.9 or later.GlobalProtect App 6.0 on LinuxUpgrade to 6.2.9 or later.GlobalProtect App on Android, ChromeOS, iOS, macOS, Windows\nNo action needed."}], "source": {"defect": ["GPC-21751"], "discovery": "EXTERNAL"}, "timeline": [{"lang": "en", "time": "2025-07-28T19:00:00.000Z", "value": "Initial Publication"}], "title": "GlobalProtect App: Non Admin User Can Disable the GlobalProtect App", "workarounds": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "No workaround or mitigation is available."}], "value": "No workaround or mitigation is available."}], "x_affectedList": ["GlobalProtect App 6.2.7", "GlobalProtect App 6.2.6", "GlobalProtect App 6.2.4", "GlobalProtect App 6.2.3", "GlobalProtect App 6.2.2", "GlobalProtect App 6.2.1", "GlobalProtect App 6.2.0", "GlobalProtect App 6.2", "GlobalProtect App 6.1.7", "GlobalProtect App 6.1.6", "GlobalProtect App 6.1.5", "GlobalProtect App 6.1.4", "GlobalProtect App 6.1.3", "GlobalProtect App 6.1.2", "GlobalProtect App 6.1.1", "GlobalProtect App 6.1.0", "GlobalProtect App 6.1", "GlobalProtect App 6.0.11", "GlobalProtect App 6.0.10", "GlobalProtect App 6.0.8", "GlobalProtect App 6.0.7", "GlobalProtect App 6.0.6", "GlobalProtect App 6.0.5", "GlobalProtect App 6.0.4", "GlobalProtect App 6.0.3", "GlobalProtect App 6.0.2", "GlobalProtect App 6.0.1", "GlobalProtect App 6.0.0", "GlobalProtect App 6.0"], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-2179", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-07-29T17:37:10.712988Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-07-29T17:37:14.432Z"}}]}}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "An incorrect privilege assignment vulnerability in the Palo Alto Networks GlobalProtect\u2122 App on Linux devices enables a locally authenticated non administrative user to disable the app even if the GlobalProtect app configuration would not normally permit them to do so.\n\nThe GlobalProtect app on Windows, macOS, iOS, Android, Chrome OS and GlobalProtect UWP app are not affected."}, {"lang": "es", "value": "Una vulnerabilidad de asignaci\u00f3n incorrecta de privilegios en la aplicaci\u00f3n Palo Alto Networks GlobalProtect\u2122 en dispositivos Linux permite que un usuario no administrativo autenticado localmente desactive la aplicaci\u00f3n incluso si la configuraci\u00f3n de GlobalProtect no lo permite. La aplicaci\u00f3n GlobalProtect en Windows, macOS, iOS, Android, Chrome OS y la aplicaci\u00f3n GlobalProtect UWP no se ve afectada."}], "id": "CVE-2025-2179", "lastModified": "2025-07-31T18:42:56.503", "metrics": {"cvssMetricV40": [{"cvssData": {"Automatable": "NO", "Recovery": "USER", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "LOCAL", "availabilityRequirement": "NOT_DEFINED", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "LOW", "providerUrgency": "AMBER", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "DIFFUSE", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:U/V:D/RE:M/U:Amber", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "MODERATE"}, "source": "psirt@paloaltonetworks.com", "type": "Secondary"}]}, "published": "2025-07-29T18:15:27.333", "references": [{"source": "psirt@paloaltonetworks.com", "url": "https://security.paloaltonetworks.com/CVE-2025-2179"}], "sourceIdentifier": "psirt@paloaltonetworks.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-266"}], "source": "psirt@paloaltonetworks.com", "type": "Secondary"}]}

{}

{}