CVE-2025-0118

GlobalProtect App: Execution of Unsafe ActiveX Control Vulnerability

Description

A vulnerability in the Palo Alto Networks GlobalProtect app on Windows allows a remote attacker to run ActiveX controls within the context of an authenticated Windows user. This enables the attacker to run commands as if they are a legitimate authenticated user. However, to exploit this vulnerability, the authenticated user must navigate to a malicious page during the GlobalProtect SAML login process on a Windows device. This issue does not apply to the GlobalProtect app on other (non-Windows) platforms.

INFO

Published Date :

2025-03-12T18:36:44.290Z

Last Modified :

2025-03-12T18:52:08.115Z

Source :

palo_alto

AFFECTED PRODUCTS

The following products are affected by CVE-2025-0118 vulnerability.

Vendors	Products
Paloaltonetworks	Globalprotect App

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-0118.

URL	Resource
https://security.paloaltonetworks.com/CVE-2025-0118

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Attack Requirements

Privileges Required

User Interaction

VS Confidentiality

VS Integrity

VS Availability

SS Confidentiality

SS Integrity

SS Availability