CVE-2025-4232
HIGHDescription
An improper neutralization of wildcards vulnerability in the log collection feature of Palo Alto Networks GlobalProtect™ app on macOS allows a non administrative user to escalate their privileges to root.
Is your site exposed to CVE-2025-4232?
Run a free security scan — no signup, results in seconds.
CVSS v3.1 Score
Weakness Type (CWE)
Affected Products
| Vendor | Product |
|---|---|
| paloaltonetworks | globalprotect |
| paloaltonetworks | globalprotect |
References
Advisories & Patches
Frequently Asked Questions
What is CVE-2025-4232? +
How severe is CVE-2025-4232? +
What products are affected by CVE-2025-4232? +
How do I check if I'm vulnerable to CVE-2025-4232? +
Related Vulnerabilities
The CloudEdge Cloud does not sanitize the MQTT topic input, which could allow an attacker to leverage the MQTT wildcard …
Laravel is a web application framework. When using wildcard validation to validate a given file or image field (`files.*`), a …
Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x could allow an attacker to subscribe to partial possible …
Marinus Pfund, member of the AXIS OS Bug Bounty Program, has found the VAPIX API alwaysmulti.cgi was vulnerable for file …
kubewarden-controller is a Kubernetes controller that allows you to dynamically register Kubewarden admission policies. By design, AdmissionPolicy and AdmissionPolicyGroup can …
Sandro Poppi, member of the AXIS OS Bug Bounty Program, has found that the VAPIX APIs local_list.cgi, create_overlay.cgi and irissetup.cgi …