CVE-2022-0016
Summary
| CVE | CVE-2022-0016 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2022-02-10 18:15:00 UTC |
| Updated | 2022-02-17 13:54:00 UTC |
| Description | An improper handling of exceptional conditions vulnerability exists within the Connect Before Logon feature of the Palo Alto Networks GlobalProtect app that enables a local attacker to escalate to SYSTEM or root privileges when authenticating with Connect Before Logon under certain circumstances. This issue impacts GlobalProtect app 5.2 versions earlier than GlobalProtect app 5.2.9 on Windows and MacOS. This issue does not affect the GlobalProtect app on other platforms. |
Risk And Classification
Problem Types: CWE-755
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Operating System | Apple | Macos | - | All | All | All |
| Operating System | Microsoft | Windows | - | All | All | All |
| Application | Paloaltonetworks | Globalprotect | All | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| CVE-2022-0016 GlobalProtect App: Privilege Escalation Vulnerability When Using Connect Before Logon | CONFIRM | security.paloaltonetworks.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
Vendor Comments And Credit
Discovery Credit
LEGACY: Palo Alto Networks thanks Adam Crosser (Praetorian), Brian Sizemore (Praetorian) and N. Sao (Genetec) for independently discovering and reporting this issue.