CVE-2025-0131

Year

2025

Published

May 14, 2025

Known Affected Devices

CVSS Score

N/A

What is CVE-2025-0131?

An incorrect privilege management vulnerability in the OPSWAT MetaDefender Endpoint Security SDK used by the Palo Alto Networks GlobalProtect™ app on Windows devices allows a locally authenticated non-administrative Windows user to escalate their privileges to NT AUTHORITY\SYSTEM. However, execution requires that the local user also successfully exploits a race condition, which makes this vulnerability difficult to exploit.

Known Affected Devices

Palo Alto Networks Palo Alto PA-410 Palo Alto Networks Palo Alto PA-1410 Palo Alto Networks Palo Alto PA-3410 Palo Alto Networks Palo Alto PA-7080

FAQ

How severe is CVE-2025-0131?

CVE-2025-0131 has a CVSS score of N/A/10, rated as Unknown. Review the affected products list and apply vendor patches.

What does the CVSS score mean for CVE-2025-0131?

CVSS (Common Vulnerability Scoring System) rates vulnerability severity from 0.0 to 10.0. CVE-2025-0131 scores N/A/10 (Unknown). Scores 9.0–10.0 are Critical, 7.0–8.9 are High, 4.0–6.9 are Medium, and below 4.0 are Low.

Which devices are affected by CVE-2025-0131?

The list of devices confirmed to be affected by CVE-2025-0131 is shown in the "Affected Devices" section above. Check your firmware version against the vendor security advisory and apply the latest patch.

How do I fix or mitigate CVE-2025-0131?

Apply the latest firmware or software update from the vendor. Check the References section above for official advisories and patch notes. If no patch is available, consider disabling the affected feature or isolating the device from untrusted networks.