{"vulnerability": "CVE-2024-9473", "sightings": [{"uuid": "21d85e92-d22a-4db3-89d1-d4cd5817be19", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-9473", "type": "seen", "source": "https://security.paloaltonetworks.com/CVE-2024-9473", "content": "", "creation_timestamp": "2024-10-24T08:22:00.000000Z"}, {"uuid": "2827bdf6-54b4-4fc3-b2c8-e44376274333", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-9473", "type": "seen", "source": "MISP/4244ed47-99ec-4404-abf7-9551b0c5fd39", "content": "", "creation_timestamp": "2024-10-25T14:06:49.000000Z"}, {"uuid": "5eea9f8a-faa8-408b-a596-30f3e79fd32b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-9473", "type": "seen", "source": "https://t.me/cvedetector/7504", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-9473 - Palo Alto Networks GlobalProtect Windows Privilege Escalation\", \n  \"Content\": \"CVE ID : CVE-2024-9473 \nPublished : Oct. 9, 2024, 5:15 p.m. | 28\u00a0minutes ago \nDescription : A privilege escalation vulnerability in the Palo Alto Networks GlobalProtect app on Windows allows a locally authenticated non-administrative Windows user to escalate their privileges to NT AUTHORITY/SYSTEM through the use of the repair functionality offered by the .msi file used to install GlobalProtect. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"09 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-09T19:50:16.000000Z"}, {"uuid": "d1ae4f07-922d-4fb5-b05e-1a13dd49fcef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-9473", "type": "seen", "source": "https://bsky.app/profile/ripjyr.bsky.social/post/3lw5ie43wnj2u", "content": "", "creation_timestamp": "2025-08-11T19:03:28.033518Z"}, {"uuid": "5c55b55d-e835-4d5f-acd9-aa20a004dff4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-9473", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/11267", "content": "#exploit\n1. CVE-2024-5910:\nMissing Authentication Leads to Palo Alto Admin Account Takeover\nhttps://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise\n\n2. CVE-2024-9473:\nPalo Alto Global Protect LPE\nhttps://packetstormsecurity.com/files/182142\n\n3. CVE-2024-8698:\nImproper Verification of SAML Responses Leading to Privilege Escalation in Keycloak\nhttps://github.com/huydoppaz/CVE-2024-8698-POC", "creation_timestamp": "2024-10-12T06:26:23.000000Z"}, {"uuid": "49d9abc0-c4cb-4924-b0ce-e53020fd3da4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-9473", "type": "published-proof-of-concept", "source": "https://t.me/HackingInsights/15674", "content": "\u200aResearcher Details Privilege Escalation in Palo Alto Networks\u2019 GlobalProtect MSI Installer (CVE-2024-9473)\n\nhttps://securityonline.info/researcher-details-privilege-escalation-in-palo-alto-networks-globalprotect-msi-installer-cve-2024-9473/", "creation_timestamp": "2024-10-10T09:20:30.000000Z"}, {"uuid": "299f85e2-7a90-4cbb-b681-bcbbc29f0708", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-9473", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/3305", "content": "https://packetstormsecurity.com/files/182142\n\nPalo Alto Networks GlobalProtect Local Privilege Escalation\ncve-2024-9473\n#exploit", "creation_timestamp": "2024-10-14T10:27:39.000000Z"}]}