CVE-2025-0140 Information

Description

An incorrect privilege assignment vulnerability in the Palo Alto Networks GlobalProtect™ App on macOS and Linux devices enables a locally authenticated non administrative user to disable the app even if the GlobalProtect app configuration would not normally permit them to do so.

The GlobalProtect app on Windows iOS Android Chrome OS and GlobalProtect UWP app are not affected.

Reference

https://security.paloaltonetworks.com/CVE-2025-0140

Related CNNVD

CNNVD-202507-1361 (Published: 2025-07-09)