Lucene search
HistoryJun 12, 2024 - 5:15 p.m.
CVE-2024-5909
palo alto networks
cortex xdr
windows
vulnerability
malware
CVSS3
5.5
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
EPSS
0
Percentile
9.0%
A problem with a protection mechanism in the Palo Alto Networks Cortex XDR agent on Windows devices allows a low privileged local Windows user to disable the agent. This issue may be leveraged by malware to disable the Cortex XDR agent and then to perform malicious activity.
Affected configurations
Node
paloaltonetworkscortex_xdr_agentRange7.9–7.9.102critical_environmentwindows
ORpaloaltonetworkscortex_xdr_agentRange8.1–8.1.2windows
ORpaloaltonetworkscortex_xdr_agentRange8.2–8.2.1windows
| Vendor | Product | Version | CPE |
|---|---|---|---|
| paloaltonetworks | cortex_xdr_agent | * | cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:*:*:*:*:critical_environment:windows:*:* |
| paloaltonetworks | cortex_xdr_agent | * | cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:*:*:*:*:*:windows:*:* |
Related
cve
cve
CVE-2024-5909
2024-06-12 17:15:53
vulnrichment
vulnrichment
CVE-2024-5909 Cortex XDR Agent: Local Windows User Can Disable the Agent
2024-06-12 16:29:23
cvelist
cvelist
CVE-2024-5909 Cortex XDR Agent: Local Windows User Can Disable the Agent
2024-06-12 16:29:23
paloalto
paloalto
Cortex XDR Agent: Local Windows User Can Disable the Agent
2024-06-12 16:00:00
CVSS3
5.5
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
EPSS
0
Percentile
9.0%
Related for NVD:CVE-2024-5909