=====================================================================

                             CERT-Renater

                 Note d'Information No. 2021/VULN537
_____________________________________________________________________

DATE                : 15/10/2021

HARDWARE PLATFORM(S): /

OPERATING SYSTEM(S): Windows, Universal Windows Platform running
                      GlobalProtect app versions prior to 5.2.8,
                Linux running GlobalProtect app versions prior to 5.3.1.

=====================================================================
https://securityadvisories.paloaltonetworks.com/CVE-2021-3057
_____________________________________________________________________

CVE-2021-3057 GlobalProtect App: Buffer Overflow Vulnerability When
Connecting to Portal or Gateway


Severity               8.1 · HIGH
Attack Vector          NETWORK
Attack Complexity      HIGH
Privileges Required    NONE
User Interaction       NONE
Scope                  UNCHANGED
Confidentiality Impact HIGH
Integrity Impact       HIGH
Availability Impact    HIGH
NVD JSON
Published              2021-10-13
Updated                2021-10-15
Reference              GPC-13039
Discovered externally


Description

A stack-based buffer overflow vulnerability exists in the Palo Alto
Networks GlobalProtect app that enables a man-in-the-middle attacker to
disrupt system processes and potentially execute arbitrary code with
SYSTEM privileges.


This issue impacts:

GlobalProtect app 5.3 versions earlier than GlobalProtect app 5.3.1 on
Linux.

GlobalProtect app 5.2 versions earlier than GlobalProtect app 5.2.8 on
Windows and Universal Windows Platform;

GlobalProtect app 5.1 versions on Windows;

GlobalProtect app 5.0 versions on Windows;


Product Status

Versions                 Affected                      Unaffected
GlobalProtect App 5.3	< 5.3.1 on Linux	       >= 5.3.1 on Linux
GlobalProtect App 5.2	< 5.2.8 on Windows,
                         Universal Windows Platform	>= 5.2.8 on
                                                      Windows, Universal
                                                       Windows Platform
GlobalProtect App 5.1	5.1.* on Windows	
GlobalProtect App 5.0	5.0.* on Windows	


Severity: HIGH

CVSSv3.1 Base Score: 8.1 (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)


Exploitation Status

Palo Alto Networks is not aware of any malicious exploitation of this
issue.


Weakness Type

CWE-121 Stack-based Buffer Overflow


Solution

This issue is fixed in GlobalProtect app 5.2.8 on Windows and on
Universal Windows Platform, GlobalProtect app 5.3.1 on Linux, and all
later GlobalProtect app versions.


Workarounds and Mitigations

There are no known workarounds for this issue.


Acknowledgments

Palo Alto Networks thanks Tomas Rzepka of F-Secure for discovering and
reporting this issue.


Timeline

2021-10-13              Initial publication

=========================================================
+ CERT-RENATER       |    tel : 01-53-94-20-44          +
+ 23/25 Rue Daviel   |    fax : 01-53-94-20-41          +
+ 75013 Paris        |    email:cert@support.renater.fr +
=========================================================