03-24-2025 01:21 PM
Our vulnerability scanner for the last couple weeks has been reporting vulnerabilities for GlobalProtect that are remediated with an upgrade to 6.3.3, but other than the vulnerability acknowledgement from PA mentioning it I do not see any evidence of 6.3.3 being released. The latest version I see in the "Software Updates" section of the customer portal is 6.3.2, and I don't see any release notes or even other mentions of it when googling. Am I missing something, or has this update not yet been released? If so, when can we expect it to be available?
03-24-2025 08:22 PM - edited 03-24-2025 08:22 PM
Hi @C.Osborn ,
Thanks for info, GP 6.3.3 is yet to release and it's expected to release in April 2025.
04-09-2025 10:12 AM
Also waiting for the 6.3.3 release we now have a 3rd known vulnerability, and the solution is to update to 6.3.3 which has yet to appear as an option when clicking Check Now.
Known Vulns fixed by moving to 6.3.3 are:
CVE-2025-0120 GlobalProtect App: Local Privilege Escalation (PE) Vulnerability
CVE-2025-0117 GlobalProtect App: Local Privilege Escalation (PE) Vulnerability
CVE-2025-0118 GlobalProtect App: Execution of Unsafe ActiveX Control Vulnerability
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
