Loading
Generated remediation guidance and an executive summary. No account required.
A vulnerability in the Palo Alto Networks GlobalProtect app on Windows allows a remote attacker to run ActiveX controls within the context of an authenticated Windows user. This enables the attacker to run commands as if they are a legitimate authenticated user. However, to exploit this vulnerability, the authenticated user must navigate to a malicious page during the GlobalProtect SAML login process on a Windows device. This issue does not apply to the GlobalProtect app on other (non-Windows) platforms.
Use CWE-618, Paloaltonetworks vendor hub and Globalprotect product page to widen CVE-2025-0118 into its surrounding weakness, vendor, and product context.
Compare it with CVE-2025-4232, CVE-2024-3661 and CVE-2025-0120 for nearby disclosures in the same product family.