Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Cortex_xdr_agent
(Paloaltonetworks)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 19 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2022-05-11 | CVE-2022-0025 | A local privilege escalation (PE) vulnerability exists in Palo Alto Networks Cortex XDR agent software on Windows that enables an authenticated local user with file creation privilege in the Windows root directory (such as C:\) to execute a program with elevated privileges. This issue impacts: All versions of the Cortex XDR agent when upgrading to Cortex XDR agent 7.7.0 on Windows; Cortex XDR agent 7.7.0 without content update 500 or a later version on Windows. This issue does not impact... | Cortex_xdr_agent | 6.7 | ||
| 2022-09-14 | CVE-2022-0029 | An improper link resolution vulnerability in the Palo Alto Networks Cortex XDR agent on Windows devices allows a local attacker to read files on the system with elevated privileges when generating a tech support file. | Cortex_xdr_agent | 5.5 | ||
| 2023-02-08 | CVE-2023-0001 | An information exposure vulnerability in the Palo Alto Networks Cortex XDR agent on Windows devices allows a local system administrator to disclose the admin password for the agent in cleartext, which bad actors can then use to execute privileged cytool commands that disable or uninstall the agent. | Cortex_xdr_agent | 6.7 | ||
| 2023-02-08 | CVE-2023-0002 | A problem with a protection mechanism in the Palo Alto Networks Cortex XDR agent on Windows devices allows a local user to execute privileged cytool commands that disable or uninstall the agent. | Cortex_xdr_agent | 7.8 | ||
| 2023-09-13 | CVE-2023-3280 | A problem with a protection mechanism in the Palo Alto Networks Cortex XDR agent on Windows devices allows a local user to disable the agent. | Cortex_xdr_agent | 5.5 | ||
| 2024-06-12 | CVE-2024-5905 | A problem with a protection mechanism in the Palo Alto Networks Cortex XDR agent on Windows devices allows a local low privileged Windows user to disrupt some functionality of the agent. However, they are not able to disrupt Cortex XDR agent protection mechanisms using this vulnerability. | Cortex_xdr_agent | 4.4 | ||
| 2024-06-12 | CVE-2024-5907 | A privilege escalation (PE) vulnerability in the Palo Alto Networks Cortex XDR agent on Windows devices enables a local user to execute programs with elevated privileges. However, execution does require the local user to successfully exploit a race condition, which makes this vulnerability difficult to exploit. | Cortex_xdr_agent | 7.0 | ||
| 2024-06-12 | CVE-2024-5909 | A problem with a protection mechanism in the Palo Alto Networks Cortex XDR agent on Windows devices allows a low privileged local Windows user to disable the agent. This issue may be leveraged by malware to disable the Cortex XDR agent and then to perform malicious activity. | Cortex_xdr_agent | 5.5 | ||
| 2024-09-11 | CVE-2024-8690 | A problem with a detection mechanism in the Palo Alto Networks Cortex XDR agent on Windows devices enables a user with Windows administrator privileges to disable the agent. This issue may be leveraged by malware to disable the Cortex XDR agent and then to perform malicious activity. | Cortex_xdr_agent | 4.4 | ||
| 2024-10-09 | CVE-2024-9469 | A problem with a detection mechanism in the Palo Alto Networks Cortex XDR agent on Windows devices enables a user with Windows non-administrative privileges to disable the agent. This issue may be leveraged by malware to disable the Cortex XDR agent and then to perform malicious activity. | Cortex_xdr_agent | 5.5 |