Multiple local privilege escalation vulnerabilities in the Palo Alto Networks GlobalProtect™ app allow a local user to escalate their privileges to NT AUTHORITY\SYSTEM on Windows and root on macOS and
A Denial of Service vulnerability in the DNS Security feature of Palo Alto Networks PAN-OS software allows an unauthenticated attacker to send a malicious packet through the data plane of the firewall
An improper neutralization of wildcards vulnerability in the log collection feature of Palo Alto Networks GlobalProtect™ app on macOS allows a non administrative user to escalate their privileges to r
A race condition vulnerability in Palo Alto Networks Prisma® Browser enables a locally authenticated non-admin user to bypass certain access and data control policies.
A vulnerability in the GlobalProtect portal in Palo Alto Networks PAN-OS software enables a malicious authenticated GlobalProtect user to impersonate another GlobalProtect user. Active GlobalProtect u
A memory corruption vulnerability in the processing of tunnel traffic in Palo Alto Networks PAN-OS® software allows an authenticated user to initiate system reboots using a maliciously crafted packet.
An incorrect privilege assignment vulnerability in Palo Alto Networks Autonomous Digital Experience Manager allows a locally authenticated low privileged user on macOS endpoints to escalate their priv
An unauthenticated file deletion vulnerability in the Palo Alto Networks PAN-OS management web interface enables an unauthenticated attacker with network access to the management web interface to dele
A buffer overflow vulnerability in the User-ID™ Authentication Portal (aka Captive Portal) service of Palo Alto Networks PAN-OS software allows an unauthenticated attacker to execute arbitrary code wi
An arbitrary file upload vulnerability in Palo Alto Networks Panorama software enables an authenticated read-write administrator with access to the web interface to disrupt system processes and crash
A missing exception check in Palo Alto Networks PAN-OS® software with the web proxy feature enabled allows an unauthenticated attacker to send a burst of maliciously crafted packets that causes the fi
An information exposure vulnerability exists in Palo Alto Networks PAN-OS software that enables a GlobalProtect end user to learn both the configured GlobalProtect uninstall password and the configure
A vulnerability in the Palo Alto Networks PAN-OS® software enables unlicensed administrators to view clear-text data captured using the packet capture feature https://docs.paloaltonetworks.com/pan-os
A sensitive information disclosure vulnerability in Palo Alto Networks Prisma® Browser allows a locally authenticated non-admin user to retrieve sensitive data from Prisma Browser.
Browser self-prote
An incorrect privilege assignment vulnerability in Palo Alto Networks Cortex® XDR Broker VM allows an authenticated administrative user to execute certain files available within the Broker VM and esca
An improper neutralization of matching symbols vulnerability in the Palo Alto Networks PAN-OS command line interface (CLI) enables authenticated administrators (including read-only administrators) wit
A vulnerability exists in BIG-IP systems where a highly privileged, authenticated attacker with at least the Resource Administrator role can modify configuration objects resulting in privilege escalat
Privilege escalation occurs when a user gets access to more resources or functionality than they are normally allowed.
Incorrect default permissions for some Intel(R) NPU Driver software installers before version 32.0.100.4511 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software
An improper protection of alternate path vulnerability in Palo Alto Networks Prisma® Browser on macOS fails to properly restrict access to an internal automation bridge. This allows a locally authenti