CVE-2023-0006 GlobalProtect App: Local File Deletion Vulnerability
A local file deletion vulnerability in the Palo Alto Networks GlobalProtect app on Windows devices enables a user to delete system files from the endpoint with elevated privileges through a race condition.
| Versions | Affected | Unaffected |
|---|---|---|
| GlobalProtect App 6.1 | < 6.1.1 on Windows | >= 6.1.1 on Windows |
| GlobalProtect App 6.0 | < 6.0.4 on Windows | >= 6.0.4 on Windows |
| GlobalProtect App 5.2 | < 5.2.13 on Windows | >= 5.2.13 on Windows |
CVSSv3.1 Base Score: 6.3 (CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H)
Palo Alto Networks is not aware of any malicious exploitation of this issue.
CWE-367 Time-of-check Time-of-use (TOCTOU) Race Condition
This issue is fixed in GlobalProtect app 5.2.13, GlobalProtect app 6.0.4, GlobalProtect app 6.1.1, and all later GlobalProtect app versions on Windows devices.
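For fleet triage against the version table above, the following is an added example, not code from Palo Alto Networks. It assumes an inventory of (host, platform, version) records; the host names, the `-26` build suffix and the `not-listed` label for branches or platforms the advisory does not mention are constructed for illustration.

```python
import re

# Fixed release per branch, from the advisory table (Windows only).
FIXED = {(6, 1): (6, 1, 1), (6, 0): (6, 0, 4), (5, 2): (5, 2, 13)}


def parse_version(text):
    """Return (major, minor, patch); a trailing build suffix is ignored."""
    m = re.match(r"\s*(\d+)\.(\d+)\.(\d+)", text)
    if not m:
        raise ValueError(f"unrecognised version string: {text!r}")
    return tuple(int(part) for part in m.groups())


def classify(version, platform):
    """Return 'affected', 'unaffected' or 'not-listed' for one install."""
    if platform.strip().lower() != "windows":
        return "not-listed"  # the advisory only covers Windows devices
    ver = parse_version(version)
    fixed = FIXED.get(ver[:2])
    if fixed is not None:
        # Integer tuples compare numerically, so 5.2.9 < 5.2.13 holds;
        # comparing the raw strings would get this wrong.
        return "affected" if ver < fixed else "unaffected"
    if ver[:2] > max(FIXED):
        return "unaffected"  # assumption: "all later versions" are fixed
    return "not-listed"  # older branch that the table does not mention


def triage(inventory):
    """Map each (host, platform, version) record to its classification."""
    return {host: classify(ver, plat) for host, plat, ver in inventory}


# Constructed inventory: host names, versions and suffix are made up.
SAMPLE = [
    ("ws-01", "Windows", "6.1.0"),
    ("ws-02", "Windows", "6.0.4-26"),
    ("ws-03", "Windows", "5.2.9"),
    ("ws-04", "Windows", "5.1.9"),
    ("ws-05", "Windows", "6.2.0"),
    ("mac-01", "macOS", "6.0.3"),
]

if __name__ == "__main__":
    for host, status in triage(SAMPLE).items():
        print(f"{host}: {status}")
```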