A Local Privilege Escalation vulnerability exists in GlobalProtect Agent for Linux and Mac OSX that can allow non-root users to overwrite root files on the file system. (Ref # GPC-8945, CVE-2019-17436)
Successful exploitation of this issue may allow a low-privileged local user to escalate their privileges on the system.
This issue affects GlobalProtect Agent 5.0.4 and earlier for Linux and Mac OS and GlobalProtect Agent 4.1.12 and earlier for Linux and Mac OS.
|GlobalProtect Agent 5.0||<= 5.0.4||>= 5.0.5|
|GlobalProtect Agent 4.1||<= 4.1.12||>= 4.1.13|
CVSSv3.1 Base Score: 7.1 (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H)
GlobalProtect Agent 4.1.13 and later for Linux and Mac OS and GlobalProtect Agent 5.0.5 and later for Linux and Mac OS.