CVE-2020-1976: 
Palo Alto Networks GlobalProtect Agent vulnerability analysis and mitigation

A denial-of-service (DoS) vulnerability was discovered in Palo Alto Networks GlobalProtect App running on Mac OS (CVE-2020-1976). The vulnerability affects GlobalProtect App versions 5.0.5 and earlier versions of GlobalProtect 5.0 on Mac OS, allowing authenticated local users to cause the Mac OS kernel to hang or crash. The issue was discovered during a security test performed in collaboration with IOActive and was disclosed on February 12, 2020 (Palo Alto).

The vulnerability has been assigned a CVSS v3.1 base score of 4.7 (MEDIUM) with the following vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H. The vulnerability is classified under CWE-642 (External Control of Critical State Data) and CWE-20 (Improper Input Validation). The attack requires local access with low privileges and high attack complexity, with no user interaction needed (NVD).

When exploited, this vulnerability can result in a denial-of-service condition where the Mac OS kernel either hangs or crashes. The vulnerability only affects availability (High impact) while having no impact on confidentiality or integrity of the system (Palo Alto).

The vulnerability has been fixed in GlobalProtect App 5.0.6, GlobalProtect App 5.1.0, and all later versions. Users are advised to upgrade to these patched versions to mitigate the vulnerability (Palo Alto).