Palo Alto Networks Security Advisories / PAN-SA-2016-0017

PAN-SA-2016-0017 Local Privilege Escalation in GlobalProtect App for OS X


047910
Severity 7.8 · HIGH
Attack Vector LOCAL
Scope UNCHANGED
Attack Complexity LOW
Confidentiality Impact HIGH
Privileges Required LOW
Integrity Impact HIGH
User Interaction NONE
Availability Impact HIGH
JSON CSAF
Published 2016-08-04
Updated 2016-08-04
Reference 97042, PAN-SA-2016-0017

Description

A vulnerability was recently identified which allows a local user to escalate privileges through the GlobalProtect App for OS X (Ref # 97042).

Local users not entitled to the admin context on OS X could use this vulnerability to run processes with higher rights.

This issue affects GlobalProtect App for OS X 2.3.4 and earlier; GlobalProtect 3.0.2 and earlier

Product Status

VersionsAffectedUnaffected
GlobalProtect App 3.0<= 3.0.2 on OS X>= 3.0.3
GlobalProtect App 2.3<= 2.3.4 on OS X>= 2.3.5

Severity: HIGH

CVSSv3.1 Base Score: 7.8 (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)

Solution

GlobalProtect App for OS X 2.3.5 and later; GlobalProtect 3.0.3 and later

Workarounds and Mitigations

N/A

Acknowledgments

Palo Alto Networks thanks Luke Young, Uber for discovering and reporting the issue."
Terms of usePrivacyProduct Security Assurance and Vulnerability Disclosure PolicyReport vulnerabilitiesManage subscriptions
© 2025 Palo Alto Networks, Inc. All rights reserved.