Palo Alto Networks Security Advisories / CVE-2026-0267

CVE-2026-0267 GlobalProtect App: Information Exposure Vulnerability on macOS

Urgency MODERATE

047910
Severity 4.4 · MEDIUM
Exploit Maturity UNREPORTED
Response Effort MODERATE
Recovery AUTOMATIC
Value Density DIFFUSE
Attack Vector LOCAL
Attack Complexity LOW
Attack Requirements NONE
Automatable NO
User Interaction NONE
Product Confidentiality HIGH
Product Integrity NONE
Product Availability LOW
Privileges Required LOW
Subsequent Confidentiality NONE
Subsequent Integrity NONE
Subsequent Availability NONE
CVE JSON CSAF
Published 2026-06-10
Updated 2026-06-10
Discovered in production use

Description

An information exposure vulnerability in the Palo Alto Networks GlobalProtect app on macOS enables a local user to learn the configured passcodes for disabling, disconnecting, or uninstalling the GlobalProtect app. After the passcode is known, the user can perform these actions even if the GlobalProtect app configuration would not normally permit them to do so.

Product Status

VersionsAffectedUnaffected
GlobalProtect AppNone on Windows, Linux, iOS, Android, Chrome OSAll on Windows, Linux, iOS, Android, Chrome OS
GlobalProtect App 6.3< 6.3.3-h1 on macOS>= 6.3.3-h1 on macOS
GlobalProtect App 6.2< 6.2.8-h2 on macOS>= 6.2.8-h2 on macOS
GlobalProtect UWP AppNoneAll

Required Configuration for Exposure

This issue applies to GlobalProtect app deployments where the following feature is enabled on the GlobalProtect Portal configuration on PAN-OS firewalls or Panorama:

Severity: MEDIUM, Suggested Urgency: MODERATE

CVSS-BT: 4.4 / CVSS-B: 6.9 (CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/AU:N/R:A/V:D/RE:M/U:Amber)

Exploitation Status

Palo Alto Networks is not aware of any malicious exploitation of this issue.

Weakness Type and Impact

CWE-532 Insertion of Sensitive Information into Log File

CAPEC-155 Screen Temporary Files for Sensitive Information

Solution

VersionMinor Version RangeSuggested Solution
GlobalProtect App 6.3 on macOS6.3.0 through 6.3.3Upgrade to 6.3.3-h1 or later.
GlobalProtect App 6.2 on macOS6.2.0 through 6.2.8-h1Upgrade to 6.2.8-h2 or later.
GlobalProtect App on WindowsNot Applicable
GlobalProtect App on LinuxNot Applicable
GlobalProtect App on iOSNot Applicable
GlobalProtect App on AndroidNot Applicable
GlobalProtect App on Chrome OSNot Applicable

Workarounds and Mitigations

On the GlobalProtect Portal configuration on PAN-OS firewalls or Panorama, change the following setting (if enabled) to "Disallow":

Acknowledgments

Palo Alto Networks thanks one of our customers for discovering and reporting this issue.

CPEs

cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.3:*:*:*:*:macOS:*:*

cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.2:*:*:*:*:macOS:*:*

cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.1:*:*:*:*:macOS:*:*

cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.0:*:*:*:*:macOS:*:*

cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.8:*:*:*:*:macOS:*:*

cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.7:*:*:*:*:macOS:*:*

cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.6:*:*:*:*:macOS:*:*

cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.4:*:*:*:*:macOS:*:*

cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.3:*:*:*:*:macOS:*:*

cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.2:*:*:*:*:macOS:*:*

cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.1:*:*:*:*:macOS:*:*

cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.0:*:*:*:*:macOS:*:*

CPE Applicability

Timeline

Initial publication
Terms of usePrivacyProduct Security Assurance and Vulnerability Disclosure PolicyReport vulnerabilitiesManage subscriptions
© 2026 Palo Alto Networks, Inc. All rights reserved.