Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2025-0135

An incorrect privilege assignment vulnerability in the Palo Alto Networks GlobalProtect™ App on macOS devices enables a locally authenticated non administrative user to disable the app. The GlobalProtect app on Windows, Linux, iOS, Android, Chrome OS and GlobalProtect UWP app are not affected.

Published

2025-05-14T19:15:51.817

Last Modified

2025-06-27T16:50:37.817

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 3.3 (LOW)

Weaknesses

Type: Secondary
CWE-266

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	paloaltonetworks	globalprotect	< 6.2.8	Yes
Application	paloaltonetworks	globalprotect	< 6.3.3	Yes

References

https://security.paloaltonetworks.com/CVE-2025-0135 Vendor Advisory ([email protected])