An information disclosure vulnerability exists in the GlobalProtect Agent for Windows and macOS (VU#192371).
Successful exploitation of this issue would allow a local authenticated attacker to access authentication and/or session tokens and replay them to spoof the VPN session and gain access as the user. To obtain these tokens, the attacker must already have compromised the end user account and gained the ability to inspect memory.
This issue affects GlobalProtect Agent 4.1.0 for Windows and GlobalProtect Agent 4.1.10 and earlier for macOS. GlobalProtect Agent for macOS 5.0 is NOT affected.
| Versions | Affected | Unaffected |
|---|---|---|
| GlobalProtect Agent 4.1 | <= 4.1.0 on Windows, <= 4.1.10 on OS X | >= 4.1.1 on Windows, >= 4.1.11 on OS X |
CVSSv3.1 Base Score: 2.5 (CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N)
This issue is fixed in GlobalProtect Agent 4.1.1 and later for Windows, and GlobalProtect Agent 4.1.11 and later for macOS.
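A fleet triage check against the version ranges above, as an added example that is not part of the advisory or of any Palo Alto Networks tooling. The inventory rows, host names, the `-3` build suffix and all function names are assumptions made for illustration; versions outside the lines the advisory names are reported as `not-listed` rather than guessed.

```python
import re

# Affected ranges for the 4.1 release line, copied from the advisory's table.
AFFECTED_4_1 = {"windows": ((4, 1, 0), (4, 1, 0)),
                "macos": ((4, 1, 0), (4, 1, 10))}
ALIASES = {"windows": "windows", "macos": "macos", "os x": "macos"}

def parse_version(text):
    """'4.1.10' or '4.1.10-3' -> (4, 1, 10). Assumption: a build suffix is
    ignored and a missing patch number counts as 0."""
    m = re.match(r"\s*(\d+)\.(\d+)(?:\.(\d+))?", text)
    if not m:
        raise ValueError(f"unrecognised version string: {text!r}")
    return tuple(int(part or 0) for part in m.groups())

def classify(platform, version_text):
    """Return 'affected', 'unaffected' or 'not-listed' for one installed agent."""
    name = ALIASES.get(platform.strip().lower())
    if name is None:
        return "not-listed"
    ver = parse_version(version_text)
    if name == "macos" and ver[:2] == (5, 0):
        return "unaffected"          # stated explicitly in the advisory
    if ver[:2] != (4, 1):
        return "not-listed"          # the table only covers the 4.1 line
    low, high = AFFECTED_4_1[name]
    # Tuple comparison is numeric; as strings, "4.1.9" sorts after "4.1.10".
    return "affected" if low <= ver <= high else "unaffected"

def triage(inventory):
    """Map each host in (host, platform, version) rows to its classification."""
    return {host: classify(platform, ver) for host, platform, ver in inventory}

# Constructed sample inventory (hypothetical hosts and version strings).
SAMPLE_INVENTORY = [
    ("host-a", "Windows", "4.1.0"),
    ("host-b", "Windows", "4.1.1"),
    ("host-c", "macOS", "4.1.9"),
    ("host-d", "macOS", "4.1.10-3"),
    ("host-e", "OS X", "4.1.11"),
    ("host-f", "macOS", "5.0.4"),
    ("host-g", "Windows", "4.0.8"),
]

if __name__ == "__main__":
    for host, status in triage(SAMPLE_INVENTORY).items():
        print(f"{host}: {status}")
```

Comparing versions as parsed tuples matters here: a plain string comparison would place 4.1.9 above 4.1.10 and leave an affected macOS agent unflagged.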