First published: Wed Jun 12 2024(Updated: )
A problem with a protection mechanism in the Palo Alto Networks Cortex XDR agent on Windows devices allows a low privileged local Windows user to disable the agent. This issue may be leveraged by malware to disable the Cortex XDR agent and then to perform malicious activity.
Credit: psirt@paloaltonetworks.com
Affected Software | Affected Version | How to fix |
---|---|---|
Paloaltonetworks Cortex Xdr Agent Windows | >=7.9<7.9.102 | |
Paloaltonetworks Cortex Xdr Agent Windows | >=8.1<8.1.2 | |
Paloaltonetworks Cortex Xdr Agent Windows | >=8.2<8.2.1 |
This issue is fixed in Cortex XDR agent 7.9.102-CE, Cortex XDR agent 8.1.2, Cortex XDR agent 8.2.1, and all later Cortex XDR agent versions.
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.