CVE-2021-3038 GlobalProtect App: Windows VPN kernel driver denial of service (DoS)
Attack Vector LOCAL
Scope UNCHANGED
Attack Complexity LOW
Confidentiality Impact NONE
Privileges Required LOW
Integrity Impact NONE
User Interaction NONE
Availability Impact HIGH
Description
A denial-of-service (DoS) vulnerability in Palo Alto Networks GlobalProtect app on Windows systems allows a limited Windows user to send specifically-crafted input to the GlobalProtect app that results in a Windows blue screen of death (BSOD) error.
This issue impacts:
GlobalProtect app 5.1 versions earlier than GlobalProtect app 5.1.8;
GlobalProtect app 5.2 versions earlier than GlobalProtect app 5.2.4.
Product Status
Versions | Affected | Unaffected |
---|---|---|
GlobalProtect App 5.2 | < 5.2.4 on Windows | >= 5.2.4 on Windows |
GlobalProtect App 5.1 | < 5.1.8 on Windows | >= 5.1.8 on Windows |
Severity:MEDIUM
CVSSv3.1 Base Score:5.5 (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)
Exploitation Status
Palo Alto Networks is not aware of any malicious exploitation of this issue.
Weakness Type
CWE-20 Improper Input Validation
Solution
This issue is fixed in GlobalProtect app 5.1.8, GlobalProtect app 5.2.4, and all later GlobalProtect app versions.
Acknowledgments
Palo Alto Networks thanks Christophe Schleypen from NCIA / NCIRC for discovering and reporting this issue.
Timeline
Initial publication