A denial-of-service (DoS) vulnerability in Palo Alto Networks GlobalProtect app on Windows systems allows a limited Windows user to send specifically-crafted input to the GlobalProtect app that results in a Windows blue screen of death (BSOD) error.
This issue impacts:
GlobalProtect app 5.1 versions earlier than GlobalProtect app 5.1.8;
GlobalProtect app 5.2 versions earlier than GlobalProtect app 5.2.4.
|GlobalProtect App 5.2||< 5.2.4 on Windows||>= 5.2.4 on Windows|
|GlobalProtect App 5.1||< 5.1.8 on Windows||>= 5.1.8 on Windows|
CVSSv3.1 Base Score: 5.5 (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)
Palo Alto Networks is not aware of any malicious exploitation of this issue.
This issue is fixed in GlobalProtect app 5.1.8, GlobalProtect app 5.2.4, and all later GlobalProtect app versions.