vulnerability
Palo Alto Networks GlobalProtect App: CVE-2019-17436: Local Privilege Escalation in GlobalProtect App for Linux and Mac OS
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 7 | (AV:L/AC:L/Au:N/C:N/I:C/A:C) | Oct 15, 2019 | May 21, 2025 | Mar 25, 2026 |
Severity
7
CVSS
(AV:L/AC:L/Au:N/C:N/I:C/A:C)
Published
Oct 15, 2019
Added
May 21, 2025
Modified
Mar 25, 2026
Description
A Local Privilege Escalation vulnerability exists in GlobalProtect App for Linux and Mac OSX that can allow non-root users to overwrite root files on the file system. (Ref # GPC-8945, CVE-2019-17436)
Successful exploitation of this issue may allow a low-privileged local user to escalate their privileges on the system.
This issue affects GlobalProtect App 5.0.4 and earlier for Linux and Mac OS and GlobalProtect App 4.1.12 and earlier for Linux and Mac OS.
Successful exploitation of this issue may allow a low-privileged local user to escalate their privileges on the system.
This issue affects GlobalProtect App 5.0.4 and earlier for Linux and Mac OS and GlobalProtect App 4.1.12 and earlier for Linux and Mac OS.
Solution
palo-alto-networks-globalprotect-app-upgrade-latest
Rapid7 Labs
2026 Global Threat Landscape Report
The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.