CVE-2022-0017
Last modified
CVE-2022-0017 is a high-severity vulnerability rated 7.8/10 on the CVSS scale. An improper link resolution before file access ('link following') vulnerability exists in the Palo Alto Networks GlobalProtect app on Windows that enables a local attacker to disrupt system processes and potentially execute arbitrary code with SYSTEM privileges under certain circumstances. This issue impacts: GlobalProtect app 5.1 versions earlier than GlobalProtect app 5.1.10 on Windows. EPSS estimates a 0.27% chance of exploitation in the next 30 days.
Description
An improper link resolution before file access ('link following') vulnerability exists in the Palo Alto Networks GlobalProtect app on Windows that enables a local attacker to disrupt system processes and potentially execute arbitrary code with SYSTEM privileges under certain circumstances. This issue impacts: GlobalProtect app 5.1 versions earlier than GlobalProtect app 5.1.10 on Windows. GlobalProtect app 5.2 versions earlier than GlobalProtect app 5.2.5 on Windows. This issue does not affect GlobalProtect app on other platforms.
Metrics
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Paloaltonetworks | Globalprotect | >= 5.1, < 5.1.10 |
| Paloaltonetworks | Globalprotect | >= 5.2, < 5.2.5 |
References
- https://security.paloaltonetworks.com/CVE-2022-0017Vendor Advisory
- https://security.paloaltonetworks.com/CVE-2022-0017Vendor Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2022-0017?
How severe is CVE-2022-0017?
How do I fix CVE-2022-0017?
Are you affected by CVE-2022-0017?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST