A problem with a protection mechanism in the Palo Alto Networks Cortex XDR agent on Windows devices allows a low privileged local Windows user to disable the agent. This issue may be leveraged by malware to disable the Cortex XDR agent and then to perform malicious activity.
History

Wed, 07 Aug 2024 17:15:00 +0000

Type Values Removed Values Added
First Time appeared Paloaltonetworks
Paloaltonetworks cortex Xdr Agent
CPEs cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:*:*:*:*:*:windows:*:*
cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:*:*:*:*:critical_environment:windows:*:*
Vendors & Products Paloaltonetworks
Paloaltonetworks cortex Xdr Agent
Metrics cvssV3_1

{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}


cve-icon MITRE

Status: PUBLISHED

Assigner: palo_alto

Published: 2024-06-12T16:29:23.822Z

Updated: 2024-08-01T21:25:03.192Z

Reserved: 2024-06-12T15:27:55.683Z

Link: CVE-2024-5909

cve-icon Vulnrichment

Updated: 2024-08-01T21:25:03.192Z

cve-icon NVD

Status : Modified

Published: 2024-06-12T17:15:53.370

Modified: 2024-11-21T09:48:33.737

Link: CVE-2024-5909

cve-icon Redhat

No data.