An issue in the Palo Alto Networks GlobalProtect app enables a non-privileged user to disable the GlobalProtect app in configurations that allow a user to disable GlobalProtect with a passcode.
The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.