CVE-2026-0267 PUBLISHED

GlobalProtect App: Information Exposure Vulnerability on macOS

Assigner: palo_alto
Reserved: 03.11.2025 Published: 10.06.2026 Updated: 11.06.2026

An information exposure vulnerability in the Palo Alto Networks GlobalProtect app on macOS enables a local user to learn the configured passcodes for disabling, disconnecting, or uninstalling the GlobalProtect app. After the passcode is known, the user can perform these actions even if the GlobalProtect app configuration would not normally permit them to do so.

Metrics

CVSS Vector: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/AU:N/R:A/V:D/RE:M/U:Amber
CVSS Score: 4.4

Product Status

Vendor Palo Alto Networks
Product GlobalProtect App
Versions Default: unaffected
  • affected from 6.3.0 to 6.3.3-h1 (excl.)
  • affected from 6.2.0 to 6.2.8-h2 (excl.)
Vendor Palo Alto Networks
Product GlobalProtect App
Versions Default: unaffected
  • Version All is unaffected
Vendor Palo Alto Networks
Product GlobalProtect UWP App
Versions Default: unaffected
  • Version All is unaffected

Exploits

Palo Alto Networks is not aware of any malicious exploitation of this issue.

Credits

  • Palo Alto Networks thanks one of our customers for discovering and reporting this issue. finder

References

Problem Types

  • CWE-532 Insertion of Sensitive Information into Log File CWE

Impacts

  • CAPEC-155 Screen Temporary Files for Sensitive Information