Last revised: 12/05/2017
An "image path execution hijacking" vulnerability affects the Palo Alto Networks Global Protect Client. Exploitation of this issue requires the administration rights on the local station. An attacker could exploit this vulnerability to obtain a certain level of persistence on the compromised post. The rights obtained are the SYSTEM rights. (ref # GPC-4401 / CVE-2017-15870)
Successful exploitation requires local administrative privileges.
GlobalProtect agent 4.0.2 and earlier
PAN-OS 4.0.3 and later
Palo Alto Networks would like to thank Brandon McCann from CrowdStrike Inc. for reporting this issue