Palo Alto Networks addressed multiple privilege escalation vulnerabilities and integrated the latest Chrome security patches into its products.
The company fixed seven privilege escalation flaws and patched CVE-2025-4233, a cache vulnerability impacting the Prisma Access Browser.
The most severe vulnerability, CVE-2025-4232, has a CVSS score of 7.1 and allows authenticated code injection through wildcard on macOS.
A vulnerability in the log collection feature of the GlobalProtect app on macOS allows non-admin users to escalate privileges to root.
Palo Alto Networks also addressed a PAN-OS Authenticated Admin Command Injection Vulnerability (CVE-2025-4231) affecting the Management Web Interface.
The company fixed a PAN-OS flaw (CVE-2025-4228) exposing unencrypted SD-WAN data and a Cortex XDR Broker VM bug allowing attackers to escalate privileges to root.
Palo Alto Networks is not aware of any attacks exploiting these vulnerabilities in the wild.