CVE-2021-3038 GlobalProtect App: Windows VPN kernel driver denial of service (DoS)
Attack Vector LOCAL
Attack Complexity LOW
Confidentiality Impact NONE
Privileges Required LOW
Integrity Impact NONE
User Interaction NONE
Availability Impact HIGH
A denial-of-service (DoS) vulnerability in Palo Alto Networks GlobalProtect app on Windows systems allows a limited Windows user to send specifically-crafted input to the GlobalProtect app that results in a Windows blue screen of death (BSOD) error.
This issue impacts:
GlobalProtect app 5.1 versions earlier than GlobalProtect app 5.1.8;
GlobalProtect app 5.2 versions earlier than GlobalProtect app 5.2.4.
|GlobalProtect App 5.2||< 5.2.4 on Windows||>= 5.2.4 on Windows|
|GlobalProtect App 5.1||< 5.1.8 on Windows||>= 5.1.8 on Windows|
CVSSv3.1 Base Score:5.5 (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)
Palo Alto Networks is not aware of any malicious exploitation of this issue.
CWE-20 Improper Input Validation
This issue is fixed in GlobalProtect app 5.1.8, GlobalProtect app 5.2.4, and all later GlobalProtect app versions.
Palo Alto Networks thanks Christophe Schleypen from NCIA / NCIRC for discovering and reporting this issue.