{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-2183", "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0", "state": "PUBLISHED", "assignerShortName": "palo_alto", "dateReserved": "2025-03-10T17:56:25.934Z", "datePublished": "2025-08-13T17:05:08.612Z", "dateUpdated": "2025-08-16T03:55:51.624Z"}, "containers": {"cna": {"affected": [{"cpes": ["cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.2:*:*:*:*:Windows:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.1:*:*:*:*:Windows:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.0:*:*:*:*:Windows:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.8-c243:*:*:*:*:Windows:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.8:*:*:*:*:Windows:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.7:*:*:*:*:Windows:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.6:*:*:*:*:Windows:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.4:*:*:*:*:Windows:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.3:*:*:*:*:Windows:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.2:*:*:*:*:Windows:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.1:*:*:*:*:Windows:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.0:*:*:*:*:Windows:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.9:*:*:*:*:Windows:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.7:*:*:*:*:Windows:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.6:*:*:*:*:Windows:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.5:*:*:*:*:Windows:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.4:*:*:*:*:Windows:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.3:*:*:*:*:Windows:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.2:*:*:*:*:Windows:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.1:*:*:*:*:Windows:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.0:*:*:*:*:Windows:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.11:*:*:*:*:Windows:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.10:*:*:*:*:Windows:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.8:*:*:*:*:Windows:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.7:*:*:*:*:Windows:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.6:*:*:*:*:Windows:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.5:*:*:*:*:Windows:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.4:*:*:*:*:Windows:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.3:*:*:*:*:Windows:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.2:*:*:*:*:Windows:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.1:*:*:*:*:Windows:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.0:*:*:*:*:Windows:*:*"], "defaultStatus": "unaffected", "platforms": ["Windows"], "product": "GlobalProtect App", "vendor": "Palo Alto Networks", "versions": [{"changes": [{"at": "6.3.3-h2 (6.3.3-c676)", "status": "unaffected"}], "lessThan": "6.3.3-h2 (6.3.3-c676)", "status": "affected", "version": "6.3.0", "versionType": "custom"}, {"changes": [{"at": "6.2.8-h3 (6.2.8-c263)", "status": "unaffected"}], "lessThan": "6.2.8-h3 (6.2.8-c263)", "status": "affected", "version": "6.2.0", "versionType": "custom"}, {"status": "affected", "version": "6.1.0", "versionType": "custom"}, {"status": "affected", "version": "6.0.0", "versionType": "custom"}]}, {"cpes": ["cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.2:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.1:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.0:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.8-c243:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.8:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.7:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.6:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.4:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.3:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.2:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.1:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.0:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.9:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.7:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.6:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.5:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.4:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.3:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.2:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.1:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.0:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.11:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.10:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.8:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.7:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.6:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.5:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.4:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.3:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.2:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.1:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.0:*:*:*:*:Linux:*:*"], "defaultStatus": "unaffected", "platforms": ["Linux"], "product": "GlobalProtect App", "vendor": "Palo Alto Networks", "versions": [{"changes": [{"at": "6.3.3", "status": "unaffected"}], "lessThan": "6.3.3", "status": "affected", "version": "6.3.0", "versionType": "custom"}, {"changes": [{"at": "11.1.10", "status": "unaffected"}], "lessThan": "11.1.10", "status": "affected", "version": "6.2.0", "versionType": "custom"}, {"status": "affected", "version": "6.1.0", "versionType": "custom"}, {"status": "affected", "version": "6.0.0", "versionType": "custom"}]}, {"defaultStatus": "unaffected", "platforms": ["Android", "iOS", "macOS"], "product": "GlobalProtect App", "vendor": "Palo Alto Networks", "versions": [{"status": "unaffected", "version": "All", "versionType": "custom"}]}, {"defaultStatus": "unaffected", "product": "Global Protect UWP App", "vendor": "Palo Alto Networks", "versions": [{"status": "unaffected", "version": "All", "versionType": "custom"}]}], "configurations": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "GlobalProtect installations are impacted if either of the following conditions is true: <b><br></b>1.&nbsp;The portal pushes certificates to the client, which are then used to validate the Portal or Gateway's certificate. These certificates are stored in the <a target=\"_blank\" rel=\"nofollow\" href=\"https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000PNPRCA4\">tca.cer</a> file. If the certificates listed in \"Trusted Root CA\" include the entire certificate chain for the Portal or Gateway certificate, the configuration will be vulnerable. <b><br><br></b>2. GlobalProtect app is deployed with the \u201cFULLCHAINCERTVERIFY\u201d option set to yes.&nbsp;To learn more about this configuration, see the Solution section of this <a target=\"_blank\" rel=\"nofollow\" href=\"https://security.paloaltonetworks.com/CVE-2024-5921\">advisory</a>."}], "value": "GlobalProtect installations are impacted if either of the following conditions is true: \n1.\u00a0The portal pushes certificates to the client, which are then used to validate the Portal or Gateway's certificate. These certificates are stored in the tca.cer https://knowledgebase.paloaltonetworks.com/KCSArticleDetail file. If the certificates listed in \"Trusted Root CA\" include the entire certificate chain for the Portal or Gateway certificate, the configuration will be vulnerable. \n\n2. GlobalProtect app is deployed with the \u201cFULLCHAINCERTVERIFY\u201d option set to yes.\u00a0To learn more about this configuration, see the Solution section of this advisory https://security.paloaltonetworks.com/CVE-2024-5921 ."}], "credits": [{"lang": "en", "type": "finder", "value": "Nikola Markovic of Palo Alto Networks"}, {"lang": "en", "type": "finder", "value": "Maxime Escorbiac of Michelin CERT"}], "datePublic": "2025-08-13T16:00:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "An insufficient certificate validation issue in the Palo Alto Networks GlobalProtect\u2122 app enables attackers to connect the GlobalProtect app to arbitrary servers. This can enable a local non-administrative operating system user or an attacker on the same subnet to install malicious root certificates on the endpoint and subsequently install malicious software signed by the malicious root certificates on that endpoint."}], "value": "An insufficient certificate validation issue in the Palo Alto Networks GlobalProtect\u2122 app enables attackers to connect the GlobalProtect app to arbitrary servers. This can enable a local non-administrative operating system user or an attacker on the same subnet to install malicious root certificates on the endpoint and subsequently install malicious software signed by the malicious root certificates on that endpoint."}], "exploits": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."}], "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."}], "impacts": [{"capecId": "CAPEC-233", "descriptions": [{"lang": "en", "value": "CAPEC-233 Privilege Escalation"}]}], "metrics": [{"cvssV4_0": {"Automatable": "NO", "Recovery": "USER", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "PRESENT", "attackVector": "PHYSICAL", "baseScore": 5.3, "baseSeverity": "MEDIUM", "privilegesRequired": "NONE", "providerUrgency": "AMBER", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "PASSIVE", "valueDensity": "DIFFUSE", "vectorString": "CVSS:4.0/AV:P/AC:L/AT:P/PR:N/UI:P/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/AU:N/R:U/V:D/U:Amber", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-295", "description": "CWE-295 Improper Certificate Validation", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0", "shortName": "palo_alto", "dateUpdated": "2025-08-13T17:05:08.612Z"}, "references": [{"tags": ["vendor-advisory"], "url": "https://security.paloaltonetworks.com/CVE-2025-2183"}], "solutions": [{"lang": "eng", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<table><thead><tr><th>Version<br></th><th>Minor Version<br></th><th>Suggested Solution<br></th></tr></thead><tbody><tr>\n <td>GlobalProtect App 6.3 on Windows<br></td>\n <td>6.3.0 through 6.3.2</td>\n <td>Upgrade to 6.3.2-h9 or 6.3.3-h2 or later*.</td>\n </tr><tr>\n <td>GlobalProtect App 6.2 on Windows<br></td>\n <td>6.2.0 through 6.2.8</td>\n <td>Upgrade to 6.2.8-h3 or later*.</td>\n </tr><tr><td>GlobalProtect App 6.1 on Windows</td><td></td><td>Upgrade to 6.2.8-h3 or 6.3.3-h2 or later*.</td></tr><tr>\n <td>GlobalProtect App 6.0 on Windows<br></td>\n <td><br></td>\n <td>Upgrade to 6.2.8-h3 or 6.3.3-h2 or later*.</td>\n </tr><tr>\n <td>GlobalProtect App 6.3 on Linux<br></td>\n <td>6.3.0 through 6.3.2</td>\n <td>Upgrade to 6.3.3 or later*.</td>\n </tr><tr><td>GlobalProtect App 6.2 on Linux</td><td></td><td>Upgrade to 6.3.3 or later*.</td></tr><tr><td>GlobalProtect App 6.1 on Linux</td><td></td><td>Upgrade to 6.3.3 or later*.</td></tr><tr><td>GlobalProtect App 6.0 on Linux</td><td></td><td>Upgrade to 6.3.3 or later*.</td></tr><tr><td>GlobalProtect App on Android, iOS, macOS<br></td><td></td><td>No action needed.</td></tr><tr><td>GlobalProtect UWP App</td><td>&nbsp;</td><td>No action needed.</td></tr></tbody></table><br>* In addition to the software updates listed above, additional steps are required to protect against this vulnerability as described below:<br><b><br>Solution for new and existing GlobalProtect </b><b>app installation on Windows / Linux</b><br><ol><li>Ensure the portal/gateway certificate can be validated using the operating system's certificate store (e.g., Local Machine Certificate Store or Current User Certificate Store in Windows; for Linux, refer to this <a target=\"_blank\" rel=\"nofollow\" href=\"https://docs.paloaltonetworks.com/globalprotect/6-2/globalprotect-app-user-guide/globalprotect-app-for-linux/support-for-native-certificate-store-for-prisma-access-and-globalprotect-app\">documentation</a>).</li><li>Remove any certificates associated with portal/gateway validation from the \"Trusted Root CA\" list on the Portal.&nbsp;</li><li>Enable portal setting: \u201cEnable Strict Certificate Check\u201d (set FULLCHAINCERTVERIFY to yes).<br></li></ol>"}], "value": "Version\nMinor Version\nSuggested Solution\n\n GlobalProtect App 6.3 on Windows\n\n 6.3.0 through 6.3.2\n Upgrade to 6.3.2-h9 or 6.3.3-h2 or later*.\n \n GlobalProtect App 6.2 on Windows\n\n 6.2.0 through 6.2.8\n Upgrade to 6.2.8-h3 or later*.\n GlobalProtect App 6.1 on WindowsUpgrade to 6.2.8-h3 or 6.3.3-h2 or later*.\n GlobalProtect App 6.0 on Windows\n\n \n\n Upgrade to 6.2.8-h3 or 6.3.3-h2 or later*.\n \n GlobalProtect App 6.3 on Linux\n\n 6.3.0 through 6.3.2\n Upgrade to 6.3.3 or later*.\n GlobalProtect App 6.2 on LinuxUpgrade to 6.3.3 or later*.GlobalProtect App 6.1 on LinuxUpgrade to 6.3.3 or later*.GlobalProtect App 6.0 on LinuxUpgrade to 6.3.3 or later*.GlobalProtect App on Android, iOS, macOS\nNo action needed.GlobalProtect UWP App\u00a0No action needed.\n* In addition to the software updates listed above, additional steps are required to protect against this vulnerability as described below:\n\nSolution for new and existing GlobalProtect app installation on Windows / Linux\n * Ensure the portal/gateway certificate can be validated using the operating system's certificate store (e.g., Local Machine Certificate Store or Current User Certificate Store in Windows; for Linux, refer to this documentation https://docs.paloaltonetworks.com/globalprotect/6-2/globalprotect-app-user-guide/globalprotect-app-for-linux/support-for-native-certificate-store-for-prisma-access-and-globalprotect-app ).\n * Remove any certificates associated with portal/gateway validation from the \"Trusted Root CA\" list on the Portal.\u00a0\n * Enable portal setting: \u201cEnable Strict Certificate Check\u201d (set FULLCHAINCERTVERIFY to yes)."}], "source": {"defect": ["GPC-22355"], "discovery": "INTERNAL"}, "timeline": [{"lang": "en", "time": "2025-08-13T16:00:00.000Z", "value": "Initial Publication"}], "title": "GlobalProtect App: Improper Certificate Validation Leads to Privilege Escalation", "workarounds": [{"lang": "eng", "supportingMedia": [{"base64": false, "type": "text/html", "value": "No known workarounds exist for this issue."}], "value": "No known workarounds exist for this issue."}], "x_affectedList": ["GlobalProtect App 6.3.2", "GlobalProtect App 6.3.1", "GlobalProtect App 6.3.0", "GlobalProtect App 6.3", "GlobalProtect App 6.2.8-c243", "GlobalProtect App 6.2.8", "GlobalProtect App 6.2.7", "GlobalProtect App 6.2.6", "GlobalProtect App 6.2.4", "GlobalProtect App 6.2.3", "GlobalProtect App 6.2.2", "GlobalProtect App 6.2.1", "GlobalProtect App 6.2.0", "GlobalProtect App 6.2", "GlobalProtect App 6.1.9", "GlobalProtect App 6.1.7", "GlobalProtect App 6.1.6", "GlobalProtect App 6.1.5", "GlobalProtect App 6.1.4", "GlobalProtect App 6.1.3", "GlobalProtect App 6.1.2", "GlobalProtect App 6.1.1", "GlobalProtect App 6.1.0", "GlobalProtect App 6.1", "GlobalProtect App 6.0.11", "GlobalProtect App 6.0.10", "GlobalProtect App 6.0.8", "GlobalProtect App 6.0.7", "GlobalProtect App 6.0.6", "GlobalProtect App 6.0.5", "GlobalProtect App 6.0.4", "GlobalProtect App 6.0.3", "GlobalProtect App 6.0.2", "GlobalProtect App 6.0.1", "GlobalProtect App 6.0.0", "GlobalProtect App 6.0"], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-08-15T00:00:00+00:00", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3", "id": "CVE-2025-2183"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-08-16T03:55:51.624Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-2183", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-08-13T20:32:47.202690Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-08-13T20:32:52.564Z"}}], "cna": {"title": "GlobalProtect App: Improper Certificate Validation Leads to Privilege Escalation", "source": {"defect": ["GPC-22355"], "discovery": "INTERNAL"}, "credits": [{"lang": "en", "type": "finder", "value": "Nikola Markovic of Palo Alto Networks"}, {"lang": "en", "type": "finder", "value": "Maxime Escorbiac of Michelin CERT"}], "impacts": [{"capecId": "CAPEC-233", "descriptions": [{"lang": "en", "value": "CAPEC-233 Privilege Escalation"}]}], "metrics": [{"format": "CVSS", "cvssV4_0": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "USER", "baseScore": 5.3, "Automatable": "NO", "attackVector": "PHYSICAL", "baseSeverity": "MEDIUM", "valueDensity": "DIFFUSE", "vectorString": "CVSS:4.0/AV:P/AC:L/AT:P/PR:N/UI:P/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/AU:N/R:U/V:D/U:Amber", "providerUrgency": "AMBER", "userInteraction": "PASSIVE", "attackComplexity": "LOW", "attackRequirements": "PRESENT", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"cpes": ["cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.2:*:*:*:*:Windows:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.1:*:*:*:*:Windows:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.0:*:*:*:*:Windows:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.8-c243:*:*:*:*:Windows:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.8:*:*:*:*:Windows:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.7:*:*:*:*:Windows:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.6:*:*:*:*:Windows:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.4:*:*:*:*:Windows:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.3:*:*:*:*:Windows:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.2:*:*:*:*:Windows:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.1:*:*:*:*:Windows:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.0:*:*:*:*:Windows:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.9:*:*:*:*:Windows:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.7:*:*:*:*:Windows:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.6:*:*:*:*:Windows:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.5:*:*:*:*:Windows:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.4:*:*:*:*:Windows:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.3:*:*:*:*:Windows:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.2:*:*:*:*:Windows:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.1:*:*:*:*:Windows:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.0:*:*:*:*:Windows:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.11:*:*:*:*:Windows:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.10:*:*:*:*:Windows:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.8:*:*:*:*:Windows:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.7:*:*:*:*:Windows:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.6:*:*:*:*:Windows:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.5:*:*:*:*:Windows:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.4:*:*:*:*:Windows:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.3:*:*:*:*:Windows:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.2:*:*:*:*:Windows:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.1:*:*:*:*:Windows:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.0:*:*:*:*:Windows:*:*"], "vendor": "Palo Alto Networks", "product": "GlobalProtect App", "versions": [{"status": "affected", "changes": [{"at": "6.3.3-h2 (6.3.3-c676)", "status": "unaffected"}], "version": "6.3.0", "lessThan": "6.3.3-h2 (6.3.3-c676)", "versionType": "custom"}, {"status": "affected", "changes": [{"at": "6.2.8-h3 (6.2.8-c263)", "status": "unaffected"}], "version": "6.2.0", "lessThan": "6.2.8-h3 (6.2.8-c263)", "versionType": "custom"}, {"status": "affected", "version": "6.1.0", "versionType": "custom"}, {"status": "affected", "version": "6.0.0", "versionType": "custom"}], "platforms": ["Windows"], "defaultStatus": "unaffected"}, {"cpes": ["cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.2:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.1:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.0:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.8-c243:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.8:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.7:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.6:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.4:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.3:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.2:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.1:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.0:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.9:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.7:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.6:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.5:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.4:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.3:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.2:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.1:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.0:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.11:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.10:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.8:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.7:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.6:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.5:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.4:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.3:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.2:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.1:*:*:*:*:Linux:*:*", "cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.0:*:*:*:*:Linux:*:*"], "vendor": "Palo Alto Networks", "product": "GlobalProtect App", "versions": [{"status": "affected", "changes": [{"at": "6.3.3", "status": "unaffected"}], "version": "6.3.0", "lessThan": "6.3.3", "versionType": "custom"}, {"status": "affected", "changes": [{"at": "11.1.10", "status": "unaffected"}], "version": "6.2.0", "lessThan": "11.1.10", "versionType": "custom"}, {"status": "affected", "version": "6.1.0", "versionType": "custom"}, {"status": "affected", "version": "6.0.0", "versionType": "custom"}], "platforms": ["Linux"], "defaultStatus": "unaffected"}, {"vendor": "Palo Alto Networks", "product": "GlobalProtect App", "versions": [{"status": "unaffected", "version": "All", "versionType": "custom"}], "platforms": ["Android", "iOS", "macOS"], "defaultStatus": "unaffected"}, {"vendor": "Palo Alto Networks", "product": "Global Protect UWP App", "versions": [{"status": "unaffected", "version": "All", "versionType": "custom"}], "defaultStatus": "unaffected"}], "exploits": [{"lang": "en", "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue.", "supportingMedia": [{"type": "text/html", "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue.", "base64": false}]}], "timeline": [{"lang": "en", "time": "2025-08-13T16:00:00.000Z", "value": "Initial Publication"}], "solutions": [{"lang": "eng", "value": "Version\nMinor Version\nSuggested Solution\n\n GlobalProtect App 6.3 on Windows\n\n 6.3.0 through 6.3.2\n Upgrade to 6.3.2-h9 or 6.3.3-h2 or later*.\n \n GlobalProtect App 6.2 on Windows\n\n 6.2.0 through 6.2.8\n Upgrade to 6.2.8-h3 or later*.\n GlobalProtect App 6.1 on WindowsUpgrade to 6.2.8-h3 or 6.3.3-h2 or later*.\n GlobalProtect App 6.0 on Windows\n\n \n\n Upgrade to 6.2.8-h3 or 6.3.3-h2 or later*.\n \n GlobalProtect App 6.3 on Linux\n\n 6.3.0 through 6.3.2\n Upgrade to 6.3.3 or later*.\n GlobalProtect App 6.2 on LinuxUpgrade to 6.3.3 or later*.GlobalProtect App 6.1 on LinuxUpgrade to 6.3.3 or later*.GlobalProtect App 6.0 on LinuxUpgrade to 6.3.3 or later*.GlobalProtect App on Android, iOS, macOS\nNo action needed.GlobalProtect UWP App\u00a0No action needed.\n* In addition to the software updates listed above, additional steps are required to protect against this vulnerability as described below:\n\nSolution for new and existing GlobalProtect app installation on Windows / Linux\n * Ensure the portal/gateway certificate can be validated using the operating system's certificate store (e.g., Local Machine Certificate Store or Current User Certificate Store in Windows; for Linux, refer to this documentation https://docs.paloaltonetworks.com/globalprotect/6-2/globalprotect-app-user-guide/globalprotect-app-for-linux/support-for-native-certificate-store-for-prisma-access-and-globalprotect-app ).\n * Remove any certificates associated with portal/gateway validation from the \"Trusted Root CA\" list on the Portal.\u00a0\n * Enable portal setting: \u201cEnable Strict Certificate Check\u201d (set FULLCHAINCERTVERIFY to yes).", "supportingMedia": [{"type": "text/html", "value": "<table><thead><tr><th>Version<br></th><th>Minor Version<br></th><th>Suggested Solution<br></th></tr></thead><tbody><tr>\n <td>GlobalProtect App 6.3 on Windows<br></td>\n <td>6.3.0 through 6.3.2</td>\n <td>Upgrade to 6.3.2-h9 or 6.3.3-h2 or later*.</td>\n </tr><tr>\n <td>GlobalProtect App 6.2 on Windows<br></td>\n <td>6.2.0 through 6.2.8</td>\n <td>Upgrade to 6.2.8-h3 or later*.</td>\n </tr><tr><td>GlobalProtect App 6.1 on Windows</td><td></td><td>Upgrade to 6.2.8-h3 or 6.3.3-h2 or later*.</td></tr><tr>\n <td>GlobalProtect App 6.0 on Windows<br></td>\n <td><br></td>\n <td>Upgrade to 6.2.8-h3 or 6.3.3-h2 or later*.</td>\n </tr><tr>\n <td>GlobalProtect App 6.3 on Linux<br></td>\n <td>6.3.0 through 6.3.2</td>\n <td>Upgrade to 6.3.3 or later*.</td>\n </tr><tr><td>GlobalProtect App 6.2 on Linux</td><td></td><td>Upgrade to 6.3.3 or later*.</td></tr><tr><td>GlobalProtect App 6.1 on Linux</td><td></td><td>Upgrade to 6.3.3 or later*.</td></tr><tr><td>GlobalProtect App 6.0 on Linux</td><td></td><td>Upgrade to 6.3.3 or later*.</td></tr><tr><td>GlobalProtect App on Android, iOS, macOS<br></td><td></td><td>No action needed.</td></tr><tr><td>GlobalProtect UWP App</td><td>&nbsp;</td><td>No action needed.</td></tr></tbody></table><br>* In addition to the software updates listed above, additional steps are required to protect against this vulnerability as described below:<br><b><br>Solution for new and existing GlobalProtect </b><b>app installation on Windows / Linux</b><br><ol><li>Ensure the portal/gateway certificate can be validated using the operating system's certificate store (e.g., Local Machine Certificate Store or Current User Certificate Store in Windows; for Linux, refer to this <a target=\"_blank\" rel=\"nofollow\" href=\"https://docs.paloaltonetworks.com/globalprotect/6-2/globalprotect-app-user-guide/globalprotect-app-for-linux/support-for-native-certificate-store-for-prisma-access-and-globalprotect-app\">documentation</a>).</li><li>Remove any certificates associated with portal/gateway validation from the \"Trusted Root CA\" list on the Portal.&nbsp;</li><li>Enable portal setting: \u201cEnable Strict Certificate Check\u201d (set FULLCHAINCERTVERIFY to yes).<br></li></ol>", "base64": false}]}], "datePublic": "2025-08-13T16:00:00.000Z", "references": [{"url": "https://security.paloaltonetworks.com/CVE-2025-2183", "tags": ["vendor-advisory"]}], "workarounds": [{"lang": "eng", "value": "No known workarounds exist for this issue.", "supportingMedia": [{"type": "text/html", "value": "No known workarounds exist for this issue.", "base64": false}]}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}, "descriptions": [{"lang": "en", "value": "An insufficient certificate validation issue in the Palo Alto Networks GlobalProtect\u2122 app enables attackers to connect the GlobalProtect app to arbitrary servers. This can enable a local non-administrative operating system user or an attacker on the same subnet to install malicious root certificates on the endpoint and subsequently install malicious software signed by the malicious root certificates on that endpoint.", "supportingMedia": [{"type": "text/html", "value": "An insufficient certificate validation issue in the Palo Alto Networks GlobalProtect\u2122 app enables attackers to connect the GlobalProtect app to arbitrary servers. This can enable a local non-administrative operating system user or an attacker on the same subnet to install malicious root certificates on the endpoint and subsequently install malicious software signed by the malicious root certificates on that endpoint.", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-295", "description": "CWE-295 Improper Certificate Validation"}]}], "configurations": [{"lang": "en", "value": "GlobalProtect installations are impacted if either of the following conditions is true: \n1.\u00a0The portal pushes certificates to the client, which are then used to validate the Portal or Gateway's certificate. These certificates are stored in the tca.cer https://knowledgebase.paloaltonetworks.com/KCSArticleDetail file. If the certificates listed in \"Trusted Root CA\" include the entire certificate chain for the Portal or Gateway certificate, the configuration will be vulnerable. \n\n2. GlobalProtect app is deployed with the \u201cFULLCHAINCERTVERIFY\u201d option set to yes.\u00a0To learn more about this configuration, see the Solution section of this advisory https://security.paloaltonetworks.com/CVE-2024-5921 .", "supportingMedia": [{"type": "text/html", "value": "GlobalProtect installations are impacted if either of the following conditions is true: <b><br></b>1.&nbsp;The portal pushes certificates to the client, which are then used to validate the Portal or Gateway's certificate. These certificates are stored in the <a target=\"_blank\" rel=\"nofollow\" href=\"https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000PNPRCA4\">tca.cer</a> file. If the certificates listed in \"Trusted Root CA\" include the entire certificate chain for the Portal or Gateway certificate, the configuration will be vulnerable. <b><br><br></b>2. GlobalProtect app is deployed with the \u201cFULLCHAINCERTVERIFY\u201d option set to yes.&nbsp;To learn more about this configuration, see the Solution section of this <a target=\"_blank\" rel=\"nofollow\" href=\"https://security.paloaltonetworks.com/CVE-2024-5921\">advisory</a>.", "base64": false}]}], "x_affectedList": ["GlobalProtect App 6.3.2", "GlobalProtect App 6.3.1", "GlobalProtect App 6.3.0", "GlobalProtect App 6.3", "GlobalProtect App 6.2.8-c243", "GlobalProtect App 6.2.8", "GlobalProtect App 6.2.7", "GlobalProtect App 6.2.6", "GlobalProtect App 6.2.4", "GlobalProtect App 6.2.3", "GlobalProtect App 6.2.2", "GlobalProtect App 6.2.1", "GlobalProtect App 6.2.0", "GlobalProtect App 6.2", "GlobalProtect App 6.1.9", "GlobalProtect App 6.1.7", "GlobalProtect App 6.1.6", "GlobalProtect App 6.1.5", "GlobalProtect App 6.1.4", "GlobalProtect App 6.1.3", "GlobalProtect App 6.1.2", "GlobalProtect App 6.1.1", "GlobalProtect App 6.1.0", "GlobalProtect App 6.1", "GlobalProtect App 6.0.11", "GlobalProtect App 6.0.10", "GlobalProtect App 6.0.8", "GlobalProtect App 6.0.7", "GlobalProtect App 6.0.6", "GlobalProtect App 6.0.5", "GlobalProtect App 6.0.4", "GlobalProtect App 6.0.3", "GlobalProtect App 6.0.2", "GlobalProtect App 6.0.1", "GlobalProtect App 6.0.0", "GlobalProtect App 6.0"], "providerMetadata": {"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0", "shortName": "palo_alto", "dateUpdated": "2025-08-13T17:05:08.612Z"}}}, "cveMetadata": {"cveId": "CVE-2025-2183", "state": "PUBLISHED", "dateUpdated": "2025-08-16T03:55:51.624Z", "dateReserved": "2025-03-10T17:56:25.934Z", "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0", "datePublished": "2025-08-13T17:05:08.612Z", "assignerShortName": "palo_alto"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "An insufficient certificate validation issue in the Palo Alto Networks GlobalProtect\u2122 app enables attackers to connect the GlobalProtect app to arbitrary servers. This can enable a local non-administrative operating system user or an attacker on the same subnet to install malicious root certificates on the endpoint and subsequently install malicious software signed by the malicious root certificates on that endpoint."}], "id": "CVE-2025-2183", "lastModified": "2025-08-13T17:33:46.673", "metrics": {"cvssMetricV40": [{"cvssData": {"Automatable": "NO", "Recovery": "USER", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "PRESENT", "attackVector": "PHYSICAL", "availabilityRequirement": "NOT_DEFINED", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "AMBER", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "PASSIVE", "valueDensity": "DIFFUSE", "vectorString": "CVSS:4.0/AV:P/AC:L/AT:P/PR:N/UI:P/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:U/V:D/RE:X/U:Amber", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "psirt@paloaltonetworks.com", "type": "Secondary"}]}, "published": "2025-08-13T17:15:27.333", "references": [{"source": "psirt@paloaltonetworks.com", "url": "https://security.paloaltonetworks.com/CVE-2025-2183"}], "sourceIdentifier": "psirt@paloaltonetworks.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-295"}], "source": "psirt@paloaltonetworks.com", "type": "Secondary"}]}

{}