CVE-2019-1573

low-risk
Published 2019-04-09

GlobalProtect Agent 4.1.0 for Windows and GlobalProtect Agent 4.1.10 and earlier for macOS may allow a local authenticated attacker who has compromised the end-user account and gained the ability to inspect memory, to access authentication and/or session tokens and replay them to spoof the VPN session and gain access as the user.

Do I need to act?

-
0.23% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
2
CVSS 2.5/10 Low
LOCAL / HIGH complexity

Affected Products (2)

Affected Vendors

Paloaltonetworks

References (10)

Third Party Advisory http://www.securityfocus.com/bid/107868
Third Party Advisory https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0005
Vendor Advisory https://security.paloaltonetworks.com/CVE-2019-1573
Third Party Advisory https://www.broadcom.com/support/fibre-channel-networking/security-advisories/br...
Third Party Advisory https://www.kb.cert.org/vuls/id/192371
Third Party Advisory http://www.securityfocus.com/bid/107868
Third Party Advisory https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0005
Vendor Advisory https://security.paloaltonetworks.com/CVE-2019-1573
Third Party Advisory https://www.broadcom.com/support/fibre-channel-networking/security-advisories/br...
Third Party Advisory https://www.kb.cert.org/vuls/id/192371
14
/ 100
low-risk
Severity 6/34 · Minimal
Exploitability 1/34 · Minimal
Exposure 7/34 · Low