Palo Alto Networks Security Advisories / PAN-SA-2016-0017

PAN-SA-2016-0017 Local Privilege Escalation in GlobalProtect Agent for OS X

047910
Severity 7.8 · HIGH
Attack Vector LOCAL
Attack Complexity LOW
Privileges Required LOW
User Interaction NONE
Scope UNCHANGED
Confidentiality Impact HIGH
Integrity Impact HIGH
Availability Impact HIGH

Description

A vulnerability was recently identified which allows a local user to escalate privileges through the GlobalProtect Agent for OS X (Ref # 97042).

Local users not entitled to the admin context on OS X could use this vulnerability to run processes with higher rights.

This issue affects GlobalProtect Agent for OS X 2.3.4 and earlier; GlobalProtect 3.0.2 and earlier

Product Status

VersionsAffectedUnaffected
GlobalProtect Agent 3.0<= 3.0.2 on OS X>= 3.0.3
GlobalProtect Agent 2.3<= 2.3.4 on OS X>= 2.3.5

Severity: HIGH

CVSSv3.1 Base Score: 7.8 (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)

Weakness Type

Solution

GlobalProtect Agent for OS X 2.3.5 and later; GlobalProtect 3.0.3 and later

Workarounds and Mitigations

N/A

Acknowledgments

Luke Young, Uber
© 2020 Palo Alto Networks, Inc. All rights reserved.