CVE-2021-3038 GlobalProtect App: Windows VPN kernel driver denial of service (DoS)
Attack Vector
LOCAL
Scope
UNCHANGED
Attack Complexity
LOW
Confidentiality Impact
NONE
Privileges Required
LOW
Integrity Impact
NONE
User Interaction
NONE
Availability Impact
HIGH
Description
A denial-of-service (DoS) vulnerability in Palo Alto Networks GlobalProtect app on Windows systems allows a limited Windows user to send specifically-crafted input to the GlobalProtect app that results in a Windows blue screen of death (BSOD) error.
This issue impacts:
GlobalProtect app 5.1 versions earlier than GlobalProtect app 5.1.8;
GlobalProtect app 5.2 versions earlier than GlobalProtect app 5.2.4.
Product Status
Versions | Affected | Unaffected |
---|---|---|
GlobalProtect App 5.2 | < 5.2.4 on Windows | >= 5.2.4 on Windows |
GlobalProtect App 5.1 | < 5.1.8 on Windows | >= 5.1.8 on Windows |
Severity: MEDIUM
CVSSv3.1 Base Score: 5.5 (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)
Exploitation Status
Palo Alto Networks is not aware of any malicious exploitation of this issue.
Weakness Type
CWE-20 Improper Input Validation
Solution
This issue is fixed in GlobalProtect app 5.1.8, GlobalProtect app 5.2.4, and all later GlobalProtect app versions.
Acknowledgments
Palo Alto Networks thanks Christophe Schleypen from NCIA / NCIRC for discovering and reporting this issue.
Timeline
Initial publication