Information Disclosure in GlobalProtect Agent (PAN-SA-2019-0008)

Last revised: 04/11/2019


An information disclosure vulnerability exists in the GlobalProtect Agent for Windows and macOS (Ref # GPC-6025, GPC-6468/CVE-2019-1573/VU#192371).

Severity: Medium

Successful exploitation of this issue would allow an attacker to access authentication and/or session tokens and replay them to spoof the VPN session and gain access as the user. The endpoint would already have to be compromised for this vulnerability to work.

Products Affected

GlobalProtect Agent 4.1.0 for Windows and GlobalProtect Agent 4.1.10 and earlier for macOS. GlobalProtect Agent for macOS 5.0 is NOT affected.

Available Updates

GlobalProtect Agent 4.1.1 and later for Windows, and GlobalProtect Agent 4.1.11 and later for macOS.

Workarounds and Mitigations