Overview
- Description
- An insufficient certification validation issue in the Palo Alto Networks GlobalProtect app enables attackers to connect the GlobalProtect app to arbitrary servers. This can enable a local non-administrative operating system user or an attacker on the same subnet to install malicious root certificates on the endpoint and subsequently install malicious software signed by the malicious root certificates on that endpoint. GlobalProtect App for Android is under evaluation. Please subscribe to our RSS feed https://security.paloaltonetworks.com/rss.xml to be alerted to new updates to this and other advisories.
- Source
- psirt@paloaltonetworks.com
- NVD status
- Received
Risk scores
CVSS 4.0
- Type
- Secondary
- Base score
- 7.1
- Impact score
- -
- Exploitability score
- -
- Vector string
- CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:U/V:D/RE:M/U:Amber
- Severity
- HIGH
Weaknesses
- psirt@paloaltonetworks.com
- CWE-295
Social media
Hype score is a measure of social media activity compared against trending CVEs from the past 12 months. Max score 100.
- Hype score
5
Threat Alert: New NachoVPN attack uses rogue VPN servers to install malicious updates CVE-2024-29014 CVE-2024-5921 Severity: ⚠️ Critical Maturity: 💥 Mainstream Learn more: https://t.co/9cTrCvs1qO #CyberSecurity #ThreatIntel #InfoSec
@fletch_ai
27 Nov 2024
19 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
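Exploitable vulnerabilities in VPNs from Palo Alto Networks and SonicWall have been disclosed. CVE-2024-5921 allows Palo Alto GlobalProtect clients to be connected to arbitrary servers, which may lead to the installation of malicious root certificates. https://t.co/eKoOCRikrx CVE-2024-29014 is in SonicWall's NetExtender… https://t.co/44w8DfJOoL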
@__kokumoto
26 Nov 2024
2681 Impressions
14 Retweets
39 Likes
6 Bookmarks
1 Reply
0 Quotes
Today, AmberWolf released two blog posts and our tool "NachoVPN" to target vulnerabilities in major VPNs, including CVE-2024-29014 (SonicWall NetExtender SYSTEM RCE) and CVE-2024-5921 (Palo Alto GlobalProtect RCE and Priv Esc), after our SANS HackFest presentation.🧵
@AmberWolfSec
26 Nov 2024
6980 Impressions
24 Retweets
47 Likes
13 Bookmarks
1 Reply
2 Quotes
⚠️⚠️ CVE-2024-5921: Palo Alto Networks Warns of GlobalProtect App Flaw with Public Exploit Code Could allow attackers to install malicious software on endpoints. 🎯1.4m+ Results are found on the https://t.co/pb16tGYaKe nearly year. 🔗FOFA Link:https://t.co/BMfEoFXjS9 FOFA… htt
@fofabot
26 Nov 2024
896 Impressions
0 Retweets
7 Likes
3 Bookmarks
0 Replies
0 Quotes
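CVE-2024-5921 GlobalProtect App: an insufficient certificate validation issue may allow attackers to connect the GlobalProtect App to arbitrary servers. If this vulnerability is exploited, there is a risk that attackers sign malicious software and install it on endpoints. Prompt action is recommended. https://t.co/b6t71M4ikM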
@t_nihonmatsu
26 Nov 2024
415 Impressions
0 Retweets
2 Likes
0 Bookmarks
0 Replies
0 Quotes
Palo Alto Networks Warns of GlobalProtect App Flaw with Public Exploit Code (CVE-2024-5921) https://t.co/cp2ag07G1Y
@Dinosn
26 Nov 2024
2659 Impressions
9 Retweets
27 Likes
5 Bookmarks
0 Replies
0 Quotes