A path injection vulnerability affecting the GlobalProtect agent for Mac OS X 2.1.0 and earlier could allow a local attacker to gain elevated privileges on a targeted system.
Successful exploitation of this vulnerability results in a lower privileged user obtaining elevated privileges. A local attacker could exploit this vulnerability to execute arbitrary code in the security context of the local system.
This issue affects GlobalProtect agent version 2.1.0 and earlier for Mac OS X.
|GlobalProtect Agent 2.1||<= 2.1.0 on Mac OS X||>= 2.1.1 on Mac OS X|
CVSSv3.1 Base Score: 7.3 (CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H)
GlobalProtect 2.1.1 for Mac OS X addresses the issue described in this advisory.