Fixed versions were released on October 15, 2019, by Palo Alto Networks. The vulnerabilities allowed unprivileged users to reliably escalate to SYSTEM or root on machines where GlobalProtect software is used. The CrowdStrike® Intelligence Advanced Research Team discovered two distinct vulnerabilities in the Windows, Linux and macOS versions of the Palo Alto Networks GlobalProtect VPN client (CVE-2019-17435, CVE-2019-17436).
0 Comments
Leave a Reply. |