CVE-2026-0250 PUBLISHED

GlobalProtect App: Buffer Overflow Vulnerability during connection to Portal or Gateway

Assigner: palo_alto
Reserved: 03.11.2025 Published: 13.05.2026 Updated: 14.05.2026

A buffer overflow vulnerability exists in the Palo Alto Networks GlobalProtect™ app that enables a man-in-the-middle attacker to disrupt system processes and potentially execute arbitrary code with SYSTEM privileges. This vulnerability is triggered during the processing of requests and responses exchanged between Portal and Gateway.

The GlobalProtect app on iOS is not affected.

Metrics

CVSS Vector: CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/AU:N/R:U/V:D/RE:M/U:Amber
CVSS Score: 5.2

Product Status

Vendor Palo Alto Networks
Product GlobalProtect App
Versions Default: unaffected
  • affected from 6.3.0 to 6.3.3-h9 (6.3.3-999) (excl.)
  • affected from 6.2.0 to 6.2.8-h10 (6.2.8-948) (excl.)
Vendor Palo Alto Networks
Product GlobalProtect App
Versions Default: unaffected
  • affected from 6.1 to 6.1.13 (excl.)
Vendor Palo Alto Networks
Product GlobalProtect App
Versions Default: unaffected
  • affected from 6.3.0 to 6.3.3-h2 (6.3.3-42) (excl.)
  • affected from 6.0.0 to 6.0.11 (excl.)
Vendor Palo Alto Networks
Product GlobalProtect App
Versions Default: unaffected
  • affected from 6.0 to 6.0.13 (excl.)
Vendor Palo Alto Networks
Product GlobalProtect App
Versions Default: unaffected
  • affected from 6.0 to 6.0.14 (excl.)
Vendor Palo Alto Networks
Product GlobalProtect UWP App
Versions Default: unaffected
  • affected from 6.3 to 6.3.3-h10 (excl.)
Vendor Palo Alto Networks
Product GlobalProtect App
Versions Default: unaffected
  • Version All is unaffected

Exploits

Palo Alto Networks is not aware of any malicious exploitation of this issue.

Credits

  • our internal security research teams (credit type: other)

Problem Types

  • CWE-787 Out-of-bounds Write

Impacts

  • CAPEC-540 Overread Buffers