cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-5921,https://securityvulnerability.io/vulnerability/CVE-2024-5921,Insufficient Certification Validation in Palo Alto Networks GlobalProtect Application,"Two critical vulnerabilities were discovered in the Palo Alto Networks GlobalProtect VPN app and the SonicWall SMA100 NetExtender VPN client for Windows. The vulnerability in the GlobalProtect app allows attackers to install malicious code with elevated privileges, while the vulnerability in the SonicWall client enables remote code execution with system privileges. Both vulnerabilities require the victim to connect to a malicious VPN server, which can be achieved through social engineering. The impact of these vulnerabilities is severe, and researchers have developed tools to demonstrate the attack methods. Mitigations and patches have been released for these vulnerabilities, but it is important for organizations to promptly address the issue to prevent potential exploitation.",Palo Alto Networks,"Globalprotect App,Globalprotect UWP App,Globalprotect iOS App",,,0.00044999999227002263,false,,true,false,true,2024-11-27T03:50:13.000Z,true,false,false,,2024-11-27T03:50:13.596Z,0