CVE-2025-0117

HIGH Year: 2025
Weakness Type
CWE-807
View all →

Vulnerability Description

A reliance on untrusted input for a security decision in the GlobalProtect app on Windows devices potentially enables a locally authenticated non-administrative Windows user to escalate their privileges to NT AUTHORITY\SYSTEM. GlobalProtect App on macOS, Linux, iOS, Android, Chrome OS and GlobalProtect UWP App are not affected.

Related Vulnerabilities

CVE-2025-1126

CRITICAL
CVSS:9.3(Critical)

A Reliance on Untrusted Inputs in a Security Decision vulnerability has been identified in the Lexmark Print Management Client.

CWE-8072025

CVE-2024-29039

CRITICAL
CVSS:9.0(Critical)

tpm2 is the source repository for the Trusted Platform Module (TPM2.0) tools. This vulnerability allows attackers to manipulate tpm2_checkquote outputs by altering the TPML_PCR_SELECTION in the PCR in...

CWE-8072024

CVE-2021-31999

HIGH
CVSS:8.8(High)

A Reliance on Untrusted Inputs in a Security Decision vulnerability in Rancher allows users in the cluster to act as others users in the cluster by forging the "Impersonate-User" or "Impersonate-Group...

CWE-8072021

CVE-2021-36777

HIGH
CVSS:8.8(High)

A Reliance on Untrusted Inputs in a Security Decision vulnerability in the login proxy of the openSUSE Build service allowed attackers to present users with a expected login form that then sends the c...

CWE-8072021

CVE-2024-55354

HIGH
CVSS:8.8(High)

Lucee before 5.4.7.3 LTS and 6 before 6.1.1.118, when an attacker can place files on the server, is vulnerable to a protection mechanism failure that can let an attacker run code that would be expecte...

CWE-8072024

CVE-2023-0009

HIGH
CVSS:7.8(High)

A local privilege escalation (PE) vulnerability in the Palo Alto Networks GlobalProtect app on Windows enables a local user to execute programs with elevated privileges.

CWE-8072023