What is the severity of CVE-2024-8690?

CVE-2024-8690 is considered a critical vulnerability affecting the Palo Alto Networks Cortex XDR agent.

How do I fix CVE-2024-8690?

To remediate CVE-2024-8690, ensure that the Cortex XDR agent is updated to the latest version that addresses this vulnerability.

Who is affected by CVE-2024-8690?

CVE-2024-8690 affects users with Windows administrator privileges who have the Palo Alto Networks Cortex XDR agent installed.

What can someone do to mitigate the risk of CVE-2024-8690?

To mitigate the risk of CVE-2024-8690, restrict administrative access and monitor for unauthorized attempts to disable the Cortex XDR agent.

Is there a known exploit for CVE-2024-8690?

While specific exploits for CVE-2024-8690 have not been publicly disclosed, the vulnerability could be leveraged by malware to disable the security agent.

Vulnerability/
CVE-2024-8690

medium

5.6

CWE

440

EPSS

0.043%

11/9/2024

15/10/2024

CVE-2024-8690: Cortex XDR Agent: Local Windows Administrator Can Disable the Agent (Severity: MEDIUM)

First published: Wed Sep 11 2024(Updated: )

A problem with a detection mechanism in the Palo Alto Networks Cortex XDR agent on Windows devices enables a user with Windows administrator privileges to disable the agent. This issue may be leveraged by malware to disable the Cortex XDR agent and then to perform malicious activity.

Credit: psirt@paloaltonetworks.com

Affected Software	Affected Version	How to fix
All of
Palo Alto Networks Cortex XDR Agent	=7.9.102
Microsoft Windows
Cortex XDR

Remedy

This issue is fixed in Cortex XDR Agent 8.2, and all later Cortex XDR Agent versions.

Never miss a vulnerability like this again

Reference Links

https://security.paloaltonetworks.com/CVE-2024-8690

Frequently Asked Questions

What is the severity of CVE-2024-8690?
CVE-2024-8690 is considered a critical vulnerability affecting the Palo Alto Networks Cortex XDR agent.
How do I fix CVE-2024-8690?
To remediate CVE-2024-8690, ensure that the Cortex XDR agent is updated to the latest version that addresses this vulnerability.
Who is affected by CVE-2024-8690?
CVE-2024-8690 affects users with Windows administrator privileges who have the Palo Alto Networks Cortex XDR agent installed.
What can someone do to mitigate the risk of CVE-2024-8690?
To mitigate the risk of CVE-2024-8690, restrict administrative access and monitor for unauthorized attempts to disable the Cortex XDR agent.
Is there a known exploit for CVE-2024-8690?
While specific exploits for CVE-2024-8690 have not been publicly disclosed, the vulnerability could be leveraged by malware to disable the security agent.

agent/remedy
agent/references
agent/weakness
agent/description
agent/type
agent/author
collector/mitre-cve
source/MITRE
agent/last-modified-date
collector/epss-latest
source/FIRST
agent/epss
collector/paloaltonetworks-latest
source/Palo Alto Networks
agent/title
agent/first-publish-date
agent/severity
agent/event
agent/source
agent/softwarecombine
agent/tags
collector/nvd-api
source/NVD
agent/software-canonical-lookup
agent/software-canonical-lookup-request
collector/paloaltonetworks-api
vendor/paloaltonetworks
canonical/palo alto networks cortex xdr agent
version/palo alto networks cortex xdr agent/7.9.102
vendor/microsoft
canonical/microsoft windows
vendor/palo alto networks
canonical/cortex xdr

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.