Vulnerability Description
An incorrect privilege management vulnerability in the OPSWAT MetaDefender Endpoint Security SDK used by the Palo Alto Networks GlobalProtect™ app on Windows devices allows a locally authenticated non-administrative Windows user to escalate their privileges to NT AUTHORITY\SYSTEM. However, execution requires that the local user also successfully exploits a race condition, which makes this vulnerability difficult to exploit.
Related Weaknesses (CWE)
References
- https://security.paloaltonetworks.com/CVE-2025-0131
- https://www.opswat.com/docs/mdsdk/release-notes/cve-2025-0131
FAQ
What is CVE-2025-0131?
CVE-2025-0131 is a documented vulnerability. An incorrect privilege management vulnerability in the OPSWAT MetaDefender Endpoint Security SDK used by the Palo Alto Networks GlobalProtect™ app on Windows devices allows a locally authenticated non...
How severe is CVE-2025-0131?
CVSS scoring is not yet available for CVE-2025-0131. Check NVD for updates.
Is there a patch for CVE-2025-0131?
Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.