Local Privilege Escalation in GlobalProtect Agent for Linux and Mac OS (PAN-SA-2019-0037)

Last revised: 10/15/2019

Summary

A Local Privilege Escalation vulnerability exists in GlobalProtect Agent for Linux and Mac OSX that can allow non-root users to overwrite root files on the file system. (Ref # GPC-8945, CVE-2019-17436)

Severity: Medium

Successful exploitation of this issue may allow a low-privileged local user to escalate their privileges on the system.

Products Affected

GlobalProtect Agent 5.0.4 and earlier for Linux and Mac OS and GlobalProtect Agent 4.1.12 and earlier for Linux and Mac OS.

Available Updates

GlobalProtect Agent 4.1.13 and later for Linux and Mac OS and GlobalProtect Agent 5.0.5 and later for Linux and Mac OS.

Workarounds and Mitigations

N/A

Acknowledgements

Palo Alto Networks would like to thank Hanno Heinrichs of CrowdStrike Intelligence for reporting this issue.