{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-0250", "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0", "state": "PUBLISHED", "assignerShortName": "palo_alto", "dateReserved": "2025-11-03T20:44:11.022Z", "datePublished": "2026-05-13T18:26:51.927Z", "dateUpdated": "2026-05-13T18:43:27.294Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0", "shortName": "palo_alto", "dateUpdated": "2026-05-13T18:26:51.927Z"}, "title": "GlobalProtect App: Buffer Overflow Vulnerability during connection to Portal or Gateway", "datePublic": "2026-05-13T16:00:00.000Z", "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-787", "description": "CWE-787 Out-of-bounds Write", "type": "CWE"}]}], "impacts": [{"capecId": "CAPEC-540", "descriptions": [{"lang": "en", "value": "CAPEC-540 Overread Buffers"}]}], "affected": [{"vendor": "Palo Alto Networks", "product": "GlobalProtect App", "platforms": ["Windows", "MacOS"], "versions": [{"status": "affected", "version": "6.3.0", "lessThan": "6.3.3-h9 (6.3.3-999)", "changes": [{"at": "6.3.3-h9 (6.3.3-999)", "status": "unaffected"}], "versionType": "custom"}, {"status": "affected", "version": "6.2.0", "lessThan": "6.2.8-h10 (6.2.8-948)", "changes": [{"at": "6.2.8-h10 (6.2.8-948)", "status": "unaffected"}], "versionType": "custom"}], "defaultStatus": "unaffected"}, {"vendor": "Palo Alto Networks", "product": "GlobalProtect App", "platforms": ["Android", "Chrome OS"], "versions": [{"status": "affected", "version": "6.1", "lessThan": "6.1.13", "changes": [{"at": "6.1.13", "status": "unaffected"}], "versionType": "custom"}], "defaultStatus": "unaffected"}, {"vendor": "Palo Alto Networks", "product": "GlobalProtect App", "platforms": ["Linux"], "versions": [{"status": "affected", "version": "6.3.0", "lessThan": "6.3.3-h2 (6.3.3-42)", "changes": [{"at": "6.3.3-h2 (6.3.3-42)", "status": "unaffected"}], "versionType": "custom"}, {"status": "affected", "version": "6.0.0", "lessThan": "6.0.11", "changes": [{"at": "6.0.11", "status": "unaffected"}], "versionType": "custom"}], "defaultStatus": "unaffected"}, {"vendor": "Palo Alto Networks", "product": "GlobalProtect App", "platforms": ["Windows", "MacOS"], "versions": [{"status": "affected", "version": "6.0", "lessThan": "6.0.13", "changes": [{"at": "6.0.13", "status": "unaffected"}], "versionType": "custom"}], "defaultStatus": "unaffected"}, {"vendor": "Palo Alto Networks", "product": "GlobalProtect App", "platforms": ["Android", "Chrome OS"], "versions": [{"status": "affected", "version": "6.0", "lessThan": "6.0.14", "changes": [{"at": "6.0.14", "status": "unaffected"}], "versionType": "custom"}], "defaultStatus": "unaffected"}, {"vendor": "Palo Alto Networks", "product": "GlobalProtect UWP App", "platforms": ["Windows"], "versions": [{"status": "affected", "version": "6.3", "lessThan": "6.3.3-h10", "changes": [{"at": "6.3.3-h10", "status": "unaffected"}], "versionType": "custom"}], "defaultStatus": "unaffected"}, {"vendor": "Palo Alto Networks", "product": "GlobalProtect App", "platforms": ["iOS"], "versions": [{"status": "unaffected", "version": "All", "versionType": "custom"}], "defaultStatus": "unaffected"}], "cpeApplicability": [{"operator": "OR", "nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:palo_alto_networks:globalprotect_app:*:*:windows:*:*:*:*:*", "versionStartIncluding": "6.3.0", "versionEndExcluding": "6.3.3-h9_6.3.3-999_"}, {"vulnerable": true, "criteria": "cpe:2.3:a:palo_alto_networks:globalprotect_app:*:*:macos:*:*:*:*:*", "versionStartIncluding": "6.3.0", "versionEndExcluding": "6.3.3-h9_6.3.3-999_"}, {"vulnerable": true, "criteria": "cpe:2.3:a:palo_alto_networks:globalprotect_app:*:*:windows:*:*:*:*:*", "versionStartIncluding": "6.2.0", "versionEndExcluding": "6.2.8-h10_6.2.8-948_"}, {"vulnerable": true, "criteria": "cpe:2.3:a:palo_alto_networks:globalprotect_app:*:*:macos:*:*:*:*:*", "versionStartIncluding": "6.2.0", "versionEndExcluding": "6.2.8-h10_6.2.8-948_"}]}, {"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:palo_alto_networks:globalprotect_app:*:*:android:*:*:*:*:*", "versionStartIncluding": "6.1", "versionEndExcluding": "6.1.13"}, {"vulnerable": true, "criteria": "cpe:2.3:a:palo_alto_networks:globalprotect_app:*:*:chrome_os:*:*:*:*:*", "versionStartIncluding": "6.1", "versionEndExcluding": "6.1.13"}]}, {"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:palo_alto_networks:globalprotect_app:*:*:linux:*:*:*:*:*", "versionStartIncluding": "6.3.0", "versionEndExcluding": "6.3.3-h2_6.3.3-42_"}, {"vulnerable": true, "criteria": "cpe:2.3:a:palo_alto_networks:globalprotect_app:*:*:linux:*:*:*:*:*", "versionStartIncluding": "6.0.0", "versionEndExcluding": "6.0.11"}]}, {"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:palo_alto_networks:globalprotect_app:*:*:windows:*:*:*:*:*", "versionStartIncluding": "6.0", "versionEndExcluding": "6.0.13"}, {"vulnerable": true, "criteria": "cpe:2.3:a:palo_alto_networks:globalprotect_app:*:*:macos:*:*:*:*:*", "versionStartIncluding": "6.0", "versionEndExcluding": "6.0.13"}]}, {"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:palo_alto_networks:globalprotect_app:*:*:android:*:*:*:*:*", "versionStartIncluding": "6.0", "versionEndExcluding": "6.0.14"}, {"vulnerable": true, "criteria": "cpe:2.3:a:palo_alto_networks:globalprotect_app:*:*:chrome_os:*:*:*:*:*", "versionStartIncluding": "6.0", "versionEndExcluding": "6.0.14"}]}, {"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:palo_alto_networks:globalprotect_uwp_app:*:*:windows:*:*:*:*:*", "versionStartIncluding": "6.3", "versionEndExcluding": "6.3.3-h10"}]}, {"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": false, "criteria": "cpe:2.3:a:palo_alto_networks:globalprotect_app:all:*:ios:*:*:*:*:*"}]}]}], "descriptions": [{"lang": "en", "value": "A buffer overflow vulnerability exists in the Palo Alto Networks GlobalProtect\u2122 app that enables a man in the middle attacker to disrupt system processes and potentially execute arbitrary code with SYSTEM privileges. This vulnerability is triggered during the processing of requests and responses exchanged between Portal and Gateway.\n\n\n\nThe GlobalProtect app on iOS is not affected.", "supportingMedia": [{"type": "text/html", "base64": false, "value": "<p>A buffer overflow vulnerability exists in the Palo Alto Networks GlobalProtect\u2122 app that enables a man in the middle attacker to disrupt system processes and potentially execute arbitrary code with SYSTEM privileges. This vulnerability is triggered during the processing of requests and responses exchanged between Portal and Gateway.</p><p>The GlobalProtect app on iOS is not affected.</p>"}]}], "references": [{"url": "https://security.paloaltonetworks.com/CVE-2026-0250", "tags": ["vendor-advisory"]}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV4_0": {"attackVector": "ADJACENT", "attackComplexity": "LOW", "attackRequirements": "PRESENT", "privilegesRequired": "NONE", "userInteraction": "NONE", "vulnConfidentialityImpact": "HIGH", "subConfidentialityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "subIntegrityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "subAvailabilityImpact": "NONE", "exploitMaturity": "UNREPORTED", "Safety": "NOT_DEFINED", "Automatable": "NO", "Recovery": "USER", "valueDensity": "DIFFUSE", "vulnerabilityResponseEffort": "MODERATE", "providerUrgency": "AMBER", "version": "4.0", "baseSeverity": "MEDIUM", "baseScore": 5.2, "vectorString": "CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/AU:N/R:U/V:D/RE:M/U:Amber"}}], "configurations": [{"lang": "eng", "value": "No special configuration is required to be affected by this issue.", "supportingMedia": [{"type": "text/html", "base64": false, "value": "<p>No special configuration is required to be affected by this issue.</p>"}]}], "workarounds": [{"lang": "eng", "value": "No known workarounds exist for this issue.", "supportingMedia": [{"type": "text/html", "base64": false, "value": "<p>No known workarounds exist for this issue.</p>"}]}], "solutions": [{"lang": "eng", "value": "VERSION MINOR VERSION SUGGESTED SOLUTION\nGlobalProtect App 6.3 on Windows 6.3.0 through 6.3.3-h8 Upgrade to 6.3.3-h9 (6.3.3-999) or later.\nGlobalProtect App 6.2 on Windows 6.2.0 through 6.2.8-h9 Upgrade to 6.2.8-h10 (6.2.8-948) or later.\nGlobalProtect App 6.0 on Windows 6.0.0 through 6.0.12 Upgrade to 6.0.13 or later.\nGlobalProtect App 6.0 on Linux 6.0.0 through 6.0.10 Upgrade to 6.0.11 or later. \nGlobalProtect App 6.2/6.3 on Linux 6.2.0 through 6.3.3-h1 Upgrade to 6.3.3-h2 (6.3.3-42) or later.\nGlobalProtect App 6.3 on macOS 6.3.0 through 6.3.3-h8 Upgrade to 6.3.3-h9 (6.3.3-999) or later.\nGlobalProtect App 6.2 on macOS 6.2.0 through 6.2.8-h9 Upgrade to 6.2.8-h10 (6.2.8-948) or later.\nGlobalProtect App 6.0 on macOS 6.0.0 through 6.0.12 Upgrade to 6.0.13 or later.\nGlobalProtect App 6.1 on Android 6.1.0 through 6.1.12 Upgrade to 6.1.13 or later.\nGlobalProtect App 6.0 on Android 6.0.0 through 6.0.13 Upgrade to 6.0.14 or later.\nGlobalProtect App 6.1 on ChromeOS 6.1.0 through 6.1.12 Upgrade to 6.1.13 or later.\nGlobalProtect App 6.0 on ChromeOS 6.0.0 through 6.0.13 Upgrade to 6.0.14 or later.\nGlobalProtect UWP App 6.1.0 through 6.3.3-h9 Upgrade to 6.3.3-h10 or later.\nGlobalProtect App on iOS No action needed", "supportingMedia": [{"type": "text/html", "base64": false, "value": "<table class=\"tbl\"><thead><tr><th>Version</th><th>Minor Version</th><th>Suggested Solution</th></tr></thead><tbody><tr><td>GlobalProtect App 6.3 on Windows</td><td>6.3.0 through 6.3.3-h8</td><td>Upgrade to 6.3.3-h9 (6.3.3-999) or later.</td></tr><tr><td>GlobalProtect App 6.2 on Windows</td><td>6.2.0 through 6.2.8-h9</td><td>Upgrade to 6.2.8-h10 (6.2.8-948) or later.</td></tr><tr><td>GlobalProtect App 6.0 on Windows</td><td>6.0.0 through 6.0.12</td><td>Upgrade to 6.0.13 or later.</td></tr><tr><td>GlobalProtect App 6.0 on Linux</td><td>6.0.0 through 6.0.10</td><td>Upgrade to 6.0.11 or later.&nbsp;</td></tr><tr><td>GlobalProtect App 6.2/6.3 on Linux</td><td>6.2.0 through 6.3.3-h1</td><td>Upgrade to 6.3.3-h2 (6.3.3-42) or later.</td></tr><tr><td>GlobalProtect App 6.3 on macOS</td><td>6.3.0 through 6.3.3-h8</td><td>Upgrade to 6.3.3-h9 (6.3.3-999) or later.</td></tr><tr><td>GlobalProtect App 6.2 on macOS</td><td>6.2.0 through 6.2.8-h9</td><td>Upgrade to 6.2.8-h10 (6.2.8-948) or later.</td></tr><tr><td>GlobalProtect App 6.0 on macOS</td><td>6.0.0 through 6.0.12</td><td>Upgrade to 6.0.13 or later.</td></tr><tr><td>GlobalProtect App 6.1 on Android</td><td>6.1.0 through 6.1.12</td><td>Upgrade to 6.1.13 or later.</td></tr><tr><td>GlobalProtect App 6.0 on Android</td><td>6.0.0 through 6.0.13</td><td>Upgrade to 6.0.14 or later.</td></tr><tr><td>GlobalProtect App 6.1 on ChromeOS</td><td>6.1.0 through 6.1.12</td><td>Upgrade to 6.1.13 or later.</td></tr><tr><td>GlobalProtect App 6.0 on ChromeOS</td><td>6.0.0 through 6.0.13</td><td>Upgrade to 6.0.14 or later.</td></tr><tr><td>GlobalProtect UWP App</td><td>6.1.0 through 6.3.3-h9</td><td>Upgrade to 6.3.3-h10 or later.</td></tr><tr><td>GlobalProtect App on iOS</td><td><br></td><td>No action needed</td></tr></tbody></table>"}]}], "exploits": [{"lang": "en", "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue.", "supportingMedia": [{"type": "text/html", "base64": false, "value": "<p>Palo Alto Networks is not aware of any malicious exploitation of this issue.</p>"}]}], "timeline": [{"time": "2026-05-13T16:00:00.000Z", "lang": "en", "value": "Initial Publication."}], "credits": [{"lang": "en", "value": "our internal security research teams", "type": "other"}], "source": {"discovery": "INTERNAL"}, "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-05-13T18:43:15.682964Z", "id": "CVE-2026-0250", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-05-13T18:43:27.294Z"}}]}}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "A buffer overflow vulnerability exists in the Palo Alto Networks GlobalProtect\u2122 app that enables a man in the middle attacker to disrupt system processes and potentially execute arbitrary code with SYSTEM privileges. This vulnerability is triggered during the processing of requests and responses exchanged between Portal and Gateway.\n\n\n\nThe GlobalProtect app on iOS is not affected."}], "id": "CVE-2026-0250", "lastModified": "2026-05-13T19:16:59.260", "metrics": {"cvssMetricV40": [{"cvssData": {"Automatable": "NO", "Recovery": "USER", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "PRESENT", "attackVector": "ADJACENT", "availabilityRequirement": "NOT_DEFINED", "baseScore": 5.2, "baseSeverity": "MEDIUM", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "UNREPORTED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "AMBER", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "DIFFUSE", "vectorString": "CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:U/V:D/RE:M/U:Amber", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "MODERATE"}, "source": "psirt@paloaltonetworks.com", "type": "Secondary"}]}, "published": "2026-05-13T19:16:59.260", "references": [{"source": "psirt@paloaltonetworks.com", "url": "https://security.paloaltonetworks.com/CVE-2026-0250"}], "sourceIdentifier": "psirt@paloaltonetworks.com", "vulnStatus": "Received", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-787"}], "source": "psirt@paloaltonetworks.com", "type": "Secondary"}]}

{}

{}