Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up

CVE-2024-9473

UNKNOWN
Published 2024-10-09T17:07:00.981Z
Actions:

Expert Analysis

Professional remediation guidance

Get tailored security recommendations from our analyst team for CVE-2024-9473. We'll provide specific mitigation strategies based on your environment and risk profile.

No CVSS data available

Description

A privilege escalation vulnerability in the Palo Alto Networks GlobalProtect app on Windows allows a locally authenticated non-administrative Windows user to escalate their privileges to NT AUTHORITY/SYSTEM through the use of the repair functionality offered by the .msi file used to install GlobalProtect.

Available Exploits

No exploits available for this CVE.

Related News

CVE-2024-9473 GlobalProtect App: Local Privilege Escalation (PE) Vulnerability (Severity: LOW)

Related content: CVE-2025-4232 GlobalProtect: Authenticated Code Injection Through Wildcard on macOS (Severity: MEDIUM) CVE-2025-4229 PAN-OS: Traffic Information Disclosure Vulnerability (Severity: LOW) CVE-2025-4231 PAN-OS: Authenticated Admin Command Inject…

Paloaltonetworks.com 2025-08-11 16:30
Read More

Affected Products

Palo Alto Networks

GlobalProtect App

Affected Versions:

5.1 6.0 6.1 6.2.0 6.3
paloaltonetworks

globalprotect

Affected Versions:

5.1.0
paloaltonetworks

globalprotect

Affected Versions:

6.0.0
paloaltonetworks

globalprotect

Affected Versions:

6.1.0
paloaltonetworks

globalprotect

Affected Versions:

6.3.0
paloaltonetworks

globalprotect

Affected Versions:

6.2.0

GitHub Security Advisories

Community-driven vulnerability intelligence from GitHub

⚠ Unreviewed MODERATE

GHSA-w47r-whp2-pxw8

Advisory Details

A privilege escalation vulnerability in the Palo Alto Networks GlobalProtect app on Windows allows a locally authenticated non-administrative Windows user to escalate their privileges to NT AUTHORITY/SYSTEM through the use of the repair functionality offered by the .msi file used to install GlobalProtect.

CVSS Scoring

CVSS Score

5.0

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

References

ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2024-9473
WEB https://sec-consult.com/vulnerability-lab/advisory/local-privilege-escalation-via-msi-installer-in-palo-alto-networks-globalprotect
WEB https://security.paloaltonetworks.com/CVE-2024-9473

Advisory provided by GitHub Security Advisory Database. Published: October 9, 2024, Modified: October 17, 2024

Social Media Intelligence

Real-time discussions and threat intelligence from social platforms

1 post
Reddit 1 month ago
RedPacketSecurity

[Palo Alto Networks Security Advisories] CVE-2024-9473 GlobalProtect App: Local Privilege Escalation (PE) Vulnerability

1
1.0
View Original

References

https://security.paloaltonetworks.com/CVE-2024-9473
https://sec-consult.com/vulnerability-lab/advisory/local-privilege-escalation-via-msi-installer-in-palo-alto-networks-globalprotect/
Published: 2024-10-09T17:07:00.981Z
Last Modified: 2024-10-18T11:59:17.267Z
Copied to clipboard!