First published: Wed Sep 13 2023(Updated: )
A problem with a protection mechanism in the Palo Alto Networks Cortex XDR agent on Windows devices allows a local user to disable the agent.
Credit: psirt@paloaltonetworks.com
Affected Software | Affected Version | How to fix |
---|---|---|
Palo Alto Networks Cortex XDR Agent | >=5.0<=5.0.12.22203 | |
Palo Alto Networks Cortex XDR Agent | >=7.9.0<7.9.3 | |
Palo Alto Networks Cortex XDR Agent | >=7.9.0<7.9.101 | |
Palo Alto Networks Cortex XDR Agent | >=8.0.0<8.0.2 | |
Palo Alto Networks Cortex XDR Agent | =7.5.102 | |
Microsoft Windows Operating System |
This issue is fixed in Cortex XDR agent 7.9.101-CE, Cortex XDR agent 7.9.3, Cortex XDR agent 8.0.2, and all later Cortex XDR agent versions.
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The severity of CVE-2023-3280 is medium, with a severity value of 5.5.
The vulnerability in CVE-2023-3280 allows a local user to disable the Palo Alto Networks Cortex XDR Agent on Windows devices.
Versions 5.0 to 5.0.12.22203, 7.9.0 to 7.9.2, 7.9.0 to 7.9.100, and 8.0.0 to 8.0.1 of Palo Alto Networks Cortex XDR Agent are affected by CVE-2023-3280.
To fix the vulnerability in CVE-2023-3280, it is recommended to update Palo Alto Networks Cortex XDR Agent to a version that is not vulnerable.
You can find more information about CVE-2023-3280 at the following link: [CVE-2023-3280](https://security.paloaltonetworks.com/CVE-2023-3280)