{"document":{"category":"csaf_vex","csaf_version":"2.1","notes":[{"category":"summary","text":"Palo Alto Networks PSIRT provided VEX document. This document is autogenerated.","title":"GlobalProtect App Vulnerability"}],"publisher":{"category":"vendor","name":"Palo Alto Networks","namespace":"https://security.paloaltonetworks.com"},"title":"Palo Alto Networks PSIRT provided VEX document: CVE-2017-15870","distribution":{"text":"Copyright © 2024 Palo Alto Networks. All rights reserved.","tlp":{"label":"CLEAR","url":"https://www.first.org/tlp/"}},"tracking":{"current_release_date":"2026-04-11T00:25:28.934Z","generator":{"date":"2026-04-11T00:25:28.934Z","engine":{"name":"Vulnogram","version":"0.0.9"}},"id":"CVE-2017-15870","initial_release_date":"2017-12-06T00:20:00.000Z","revision_history":[{"number":"1","date":"2026-04-10T17:25:28.000Z","summary":"Initial release"}],"status":"final","version":"1"}},"product_tree":{"branches":[{"name":"Palo Alto Networks","category":"vendor","branches":[]}]},"vulnerabilities":[{"cve":"CVE-2017-15870","product_status":{"fixed":["PANW-GlobalProtect-App-86"],"known_affected":["PANW-GlobalProtect-App-85"]},"notes":[{"category":"description","text":"An \"image path execution hijacking\" vulnerability affects the Palo Alto Networks Global Protect Client. Exploitation of this issue requires the root privileges on the local station. An attacker could exploit this vulnerability to obtain a certain level of persistence on the compromised host. (ref # GPC-4401 / CVE-2017-15870)\nSuccessful exploitation requires local administrative privileges.\nThis issue affects GlobalProtect App for macOS 4.0.2 and earlier"}],"references":[{"category":"external","summary":"NVD - CVE-2017-15870","url":"https://nvd.nist.gov/vuln/detail/CVE-2017-15870"},{"category":"self","summary":"Palo Alto Networks Security Advisory CVE-2017-15870","url":"https://security.paloaltonetworks.com/CVE-2017-15870"}],"threats":[{"category":"impact","description":"An \"image path execution hijacking\" vulnerability affects the Palo Alto Networks Global Protect Client. Exploitation of this issue requires the root privileges on the local station. An attacker could exploit this vulnerability to obtain a certain level of persistence on the compromised host. (ref # GPC-4401 / CVE-2017-15870)\nSuccessful exploitation requires local administrative privileges.\nThis issue affects GlobalProtect App for macOS 4.0.2 and earlier"}],"scores":[{"cvss_v3":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":6.7,"baseSeverity":"MEDIUM"},"products":["PANW-GlobalProtect-App-85"]}]}]}