CVE-2024-2432 - Vulnerability Details - OpenCVE

A privilege escalation (PE) vulnerability in the Palo Alto Networks GlobalProtect app on Windows devices enables a local user to execute programs with elevated privileges. However, execution requires that the local user is able to successfully exploit a race condition.

No CVSS v4.0

Attack Vector Local

Attack Complexity High

Privileges Required Low

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact Low

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Palo Alto Networks	Globalprotect App
Paloaltonetworks	Globalprotect

Configuration 1 [-]

OR	cpe:2.3:a:paloaltonetworks:globalprotect::::::windows::*
	cpe:2.3:a:paloaltonetworks:globalprotect::::::windows::*
	cpe:2.3:a:paloaltonetworks:globalprotect::::::windows::*
	cpe:2.3:a:paloaltonetworks:globalprotect:6.2.0:::::windows::

No data.

References

Link	Providers
https://security.paloaltonetworks.com/CVE-2024-2432

History

Fri, 26 Sep 2025 19:15:00 +0000

Type	Values Removed	Values Added
First Time appeared		Paloaltonetworks Paloaltonetworks globalprotect
Weaknesses		NVD-CWE-noinfo
CPEs		cpe:2.3:a:paloaltonetworks:globalprotect::::::windows::* cpe:2.3:a:paloaltonetworks:globalprotect:6.2.0:::::windows::
Vendors & Products		Paloaltonetworks Paloaltonetworks globalprotect

MITRE

Status: PUBLISHED

Assigner: palo_alto

Published: 2024-03-13T17:51:33.908Z

Updated: 2024-08-28T15:14:21.571Z

Reserved: 2024-03-13T16:19:26.854Z

Link: CVE-2024-2432

Vulnrichment

Updated: 2024-08-01T19:11:53.524Z

NVD

Status : Analyzed

Published: 2024-03-13T18:15:08.603

Modified: 2025-09-26T19:10:56.553

Link: CVE-2024-2432

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-2432", "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0", "state": "PUBLISHED", "assignerShortName": "palo_alto", "dateReserved": "2024-03-13T16:19:26.854Z", "datePublished": "2024-03-13T17:51:33.908Z", "dateUpdated": "2024-08-28T15:14:21.571Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "platforms": ["Windows"], "product": "GlobalProtect App", "vendor": "Palo Alto Networks", "versions": [{"changes": [{"at": "5.1.12", "status": "unaffected"}], "lessThan": "5.1.12", "status": "affected", "version": "5.1", "versionType": "custom"}, {"changes": [{"at": "6.0.8", "status": "unaffected"}], "lessThan": "6.0.8", "status": "affected", "version": "6.0", "versionType": "custom"}, {"changes": [{"at": "6.1.2", "status": "unaffected"}], "lessThan": "6.1.2", "status": "affected", "version": "6.1", "versionType": "custom"}, {"changes": [{"at": "6.2.1", "status": "unaffected"}], "lessThan": "6.2.1", "status": "affected", "version": "6.2", "versionType": "custom"}]}], "credits": [{"lang": "en", "type": "finder", "value": "Palo Alto Networks thanks Erwin Chan for discovering and reporting this issue."}], "datePublic": "2024-03-13T16:00:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "A privilege escalation (PE) vulnerability in the Palo Alto Networks GlobalProtect app on Windows devices enables a local user to execute programs with elevated privileges. However, execution requires that the local user is able to successfully exploit a race condition."}], "value": "A privilege escalation (PE) vulnerability in the Palo Alto Networks GlobalProtect app on Windows devices enables a local user to execute programs with elevated privileges. However, execution requires that the local user is able to successfully exploit a race condition."}], "exploits": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue.<br>"}], "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue.\n"}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 4.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-269", "description": "CWE-269 Improper Privilege Management", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0", "shortName": "palo_alto", "dateUpdated": "2024-03-13T17:51:33.908Z"}, "references": [{"url": "https://security.paloaltonetworks.com/CVE-2024-2432"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "This issue is fixed in GlobalProtect app 5.1.12, GlobalProtect app 6.0.8, GlobalProtect app 6.1.2, GlobalProtect app 6.2.1, and all later GlobalProtect app versions on Windows.<br>"}], "value": "This issue is fixed in GlobalProtect app 5.1.12, GlobalProtect app 6.0.8, GlobalProtect app 6.1.2, GlobalProtect app 6.2.1, and all later GlobalProtect app versions on Windows.\n"}], "source": {"defect": ["GPC-18129"], "discovery": "EXTERNAL"}, "timeline": [{"lang": "en", "time": "2024-03-13T16:00:00.000Z", "value": "Initial publication"}], "title": "GlobalProtect App: Local Privilege Escalation (PE) Vulnerability", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T19:11:53.524Z"}, "title": "CVE Program Container", "references": [{"url": "https://security.paloaltonetworks.com/CVE-2024-2432", "tags": ["x_transferred"]}]}, {"affected": [{"vendor": "paloaltonetworks", "product": "globalprotect", "cpes": ["cpe:2.3:a:paloaltonetworks:globalprotect:*:*:*:*:*:*:*:*"], "defaultStatus": "unaffected", "versions": [{"version": "5.1", "status": "affected", "lessThan": "5.1.12", "versionType": "custom"}, {"version": "6.0", "status": "affected", "lessThan": "6.0.8", "versionType": "custom"}, {"version": "6.1", "status": "affected", "lessThan": "6.1.2", "versionType": "custom"}, {"version": "6.2", "status": "affected", "lessThan": "6.2.1", "versionType": "custom"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-03-13T19:57:08.397529Z", "id": "CVE-2024-2432", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-08-28T15:14:21.571Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://security.paloaltonetworks.com/CVE-2024-2432", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T19:11:53.524Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-2432", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-03-13T19:57:08.397529Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:paloaltonetworks:globalprotect:*:*:*:*:*:*:*:*"], "vendor": "paloaltonetworks", "product": "globalprotect", "versions": [{"status": "affected", "version": "5.1", "lessThan": "5.1.12", "versionType": "custom"}, {"status": "affected", "version": "6.0", "lessThan": "6.0.8", "versionType": "custom"}, {"status": "affected", "version": "6.1", "lessThan": "6.1.2", "versionType": "custom"}, {"status": "affected", "version": "6.2", "lessThan": "6.2.1", "versionType": "custom"}], "defaultStatus": "unaffected"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-08-28T15:14:17.017Z"}}], "cna": {"title": "GlobalProtect App: Local Privilege Escalation (PE) Vulnerability", "source": {"defect": ["GPC-18129"], "discovery": "EXTERNAL"}, "credits": [{"lang": "en", "type": "finder", "value": "Palo Alto Networks thanks Erwin Chan for discovering and reporting this issue."}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "LOW", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Palo Alto Networks", "product": "GlobalProtect App", "versions": [{"status": "affected", "changes": [{"at": "5.1.12", "status": "unaffected"}], "version": "5.1", "lessThan": "5.1.12", "versionType": "custom"}, {"status": "affected", "changes": [{"at": "6.0.8", "status": "unaffected"}], "version": "6.0", "lessThan": "6.0.8", "versionType": "custom"}, {"status": "affected", "changes": [{"at": "6.1.2", "status": "unaffected"}], "version": "6.1", "lessThan": "6.1.2", "versionType": "custom"}, {"status": "affected", "changes": [{"at": "6.2.1", "status": "unaffected"}], "version": "6.2", "lessThan": "6.2.1", "versionType": "custom"}], "platforms": ["Windows"], "defaultStatus": "unaffected"}], "exploits": [{"lang": "en", "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue.\n", "supportingMedia": [{"type": "text/html", "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue.<br>", "base64": false}]}], "timeline": [{"lang": "en", "time": "2024-03-13T16:00:00.000Z", "value": "Initial publication"}], "solutions": [{"lang": "en", "value": "This issue is fixed in GlobalProtect app 5.1.12, GlobalProtect app 6.0.8, GlobalProtect app 6.1.2, GlobalProtect app 6.2.1, and all later GlobalProtect app versions on Windows.\n", "supportingMedia": [{"type": "text/html", "value": "This issue is fixed in GlobalProtect app 5.1.12, GlobalProtect app 6.0.8, GlobalProtect app 6.1.2, GlobalProtect app 6.2.1, and all later GlobalProtect app versions on Windows.<br>", "base64": false}]}], "datePublic": "2024-03-13T16:00:00.000Z", "references": [{"url": "https://security.paloaltonetworks.com/CVE-2024-2432"}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}, "descriptions": [{"lang": "en", "value": "A privilege escalation (PE) vulnerability in the Palo Alto Networks GlobalProtect app on Windows devices enables a local user to execute programs with elevated privileges. However, execution requires that the local user is able to successfully exploit a race condition.", "supportingMedia": [{"type": "text/html", "value": "A privilege escalation (PE) vulnerability in the Palo Alto Networks GlobalProtect app on Windows devices enables a local user to execute programs with elevated privileges. However, execution requires that the local user is able to successfully exploit a race condition.", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-269", "description": "CWE-269 Improper Privilege Management"}]}], "providerMetadata": {"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0", "shortName": "palo_alto", "dateUpdated": "2024-03-13T17:51:33.908Z"}}}, "cveMetadata": {"cveId": "CVE-2024-2432", "state": "PUBLISHED", "dateUpdated": "2024-08-28T15:14:21.571Z", "dateReserved": "2024-03-13T16:19:26.854Z", "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0", "datePublished": "2024-03-13T17:51:33.908Z", "assignerShortName": "palo_alto"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:paloaltonetworks:globalprotect:*:*:*:*:*:windows:*:*", "matchCriteriaId": "EAC8FADF-A1A0-4DA5-82DE-ED238BEB98E3", "versionEndExcluding": "5.1.12", "versionStartIncluding": "5.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:paloaltonetworks:globalprotect:*:*:*:*:*:windows:*:*", "matchCriteriaId": "97FC1094-EA9D-491A-AD37-F57DD4873587", "versionEndExcluding": "6.0.8", "versionStartIncluding": "6.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:paloaltonetworks:globalprotect:*:*:*:*:*:windows:*:*", "matchCriteriaId": "AE3544EF-2A63-4648-A52D-523F58C60D23", "versionEndExcluding": "6.1.2", "versionStartIncluding": "6.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:paloaltonetworks:globalprotect:6.2.0:*:*:*:*:windows:*:*", "matchCriteriaId": "789F41C0-90C4-45D0-9C99-00F5D207E294", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A privilege escalation (PE) vulnerability in the Palo Alto Networks GlobalProtect app on Windows devices enables a local user to execute programs with elevated privileges. However, execution requires that the local user is able to successfully exploit a race condition."}, {"lang": "es", "value": "Una vulnerabilidad de escalada de privilegios (PE) en la aplicaci\u00f3n Palo Alto Networks GlobalProtect en dispositivos Windows permite a un usuario local ejecutar programas con privilegios elevados. Sin embargo, la ejecuci\u00f3n requiere que el usuario local pueda aprovechar con \u00e9xito una condici\u00f3n de ejecuci\u00f3n."}], "id": "CVE-2024-2432", "lastModified": "2025-09-26T19:10:56.553", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 4.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L", "version": "3.1"}, "exploitabilityScore": 1.0, "impactScore": 3.4, "source": "psirt@paloaltonetworks.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.0, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.0, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-03-13T18:15:08.603", "references": [{"source": "psirt@paloaltonetworks.com", "tags": ["Vendor Advisory"], "url": "https://security.paloaltonetworks.com/CVE-2024-2432"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://security.paloaltonetworks.com/CVE-2024-2432"}], "sourceIdentifier": "psirt@paloaltonetworks.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-269"}], "source": "psirt@paloaltonetworks.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}