VDB
CVE-2020-1988
CVE-2020-1988
PUBLISHED
CVSS 4.199999809265137 MEDIUM
An unquoted search path vulnerability in the Windows release of Global Protect Agent allows an authenticated local user with file creation privileges on the root of the OS disk (C:\) or to Program Files directory to gain system privileges. This issue affects Palo Alto Networks GlobalProtect Agent 5.0 versions before 5.0.5; 4.1 versions before 4.1.13 on Windows;
EPSS 0.13% · 32.1th percentile
Risk Scores
CVSS 3.1
4.199999809265137
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L
EPSS Score
0.13%
32.1th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Palo Alto Networks | Global Protect Agent | 5.0, 4.1 |
| paloaltonetworks | globalprotect | 4.1.0, 5.0.0 |
Exploit Intelligence
Timeline
- Apr 8, 2020 CVE Published
- Apr 14, 2021 EPSS Score
- Jun 23, 2021 EPSS Score
- Aug 24, 2021 EPSS Score
- Oct 26, 2021 EPSS Score
- Jan 6, 2022 EPSS Score
- Feb 4, 2022 EPSS Score
- Feb 28, 2022 EPSS Score
- Apr 1, 2022 EPSS Score
- May 1, 2022 EPSS Score
- Jul 3, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
References
- https://security.paloaltonetworks.com/CVE-2020-1990 advisory
- https://security.paloaltonetworks.com/CVE-2020-1978 advisory
- https://security.paloaltonetworks.com/CVE-2020-1984 advisory
- https://security.paloaltonetworks.com/CVE-2020-1992 advisory
- https://security.paloaltonetworks.com/CVE-2020-1989 advisory
- https://security.paloaltonetworks.com/CVE-2020-1985 advisory
- https://security.paloaltonetworks.com/PAN-SA-2020-0002 advisory
- https://security.paloaltonetworks.com/CVE-2020-1991 advisory
- https://security.paloaltonetworks.com/CVE-2020-1987 advisory
- https://security.paloaltonetworks.com/CVE-2020-1988 advisory
- https://security.paloaltonetworks.com/CVE-2020-1986 advisory
- https://nvd.nist.gov/vuln/detail/CVE-2020-1988 advisory