Cortex Xdr Agent
CVE-2020-2049
HIGH
Severity by source
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Primary rating from Vendor (paloaltonetworks) · only source for this CVE.
CVSS VectorVendor: paloaltonetworks
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
1DescriptionCVE.org
A local privilege escalation vulnerability exists in Palo Alto Networks Cortex XDR Agent on the Windows platform that allows an authenticated local Windows user to execute programs with SYSTEM privileges. This requires the user to have the privilege to create files in the Windows root directory. This issue impacts: All versions of Cortex XDR Agent 7.1 with content update 149 and earlier versions; All versions of Cortex XDR Agent 7.2 with content update 149 and earlier versions.
AnalysisAI
A local privilege escalation vulnerability exists in Palo Alto Networks Cortex XDR Agent on the Windows platform that allows an authenticated local Windows user to execute programs with SYSTEM. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Technical ContextAI
This vulnerability is classified under CWE-427. A local privilege escalation vulnerability exists in Palo Alto Networks Cortex XDR Agent on the Windows platform that allows an authenticated local Windows user to execute programs with SYSTEM privileges. This requires the user to have the privilege to create files in the Windows root directory. This issue impacts: All versions of Cortex XDR Agent 7.1 with content update 149 and earlier versions; All versions of Cortex XDR Agent 7.2 with content update 149 and earlier versions. Affected products include: Paloaltonetworks Cortex Xdr Agent.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
More in Cortex Xdr Agent
View allA problem with a protection mechanism in the Palo Alto Networks Cortex XDR agent on Windows devices allows a local user
A local privilege escalation (PE) vulnerability exists in the Palo Alto Networks Cortex XDR agent on Windows platforms t
A local privilege escalation vulnerability exists in the Palo Alto Networks Cortex XDR agent on Windows platforms that e
A problem with a protection mechanism in the Palo Alto Networks Cortex XDR agent on Windows devices allows a low privile
An information exposure vulnerability in the Palo Alto Networks Cortex XDR agent on Windows devices allows a local syste
A local privilege escalation (PE) vulnerability exists in Palo Alto Networks Cortex XDR agent software on Windows that e
A local privilege escalation (PE) vulnerability exists in Palo Alto Networks Cortex XDR agent software on Windows that e
A problem with a detection mechanism in the Palo Alto Networks Cortex XDR agent on Windows devices enables a user with W
A problem with a detection mechanism in the Palo Alto Networks Cortex XDR agent on Windows devices enables a user with W
A problem with a protection mechanism in the Palo Alto Networks Cortex XDR agent on Windows devices allows a local user
An improper link resolution vulnerability in the Palo Alto Networks Cortex XDR agent on Windows devices allows a local a
An improper handling of exceptional conditions vulnerability in Cortex XDR Agent allows a local authenticated Windows us
Same weakness CWE-427 – Uncontrolled Search Path Element
View allSame technique Privilege Escalation
View allShare
External POC / Exploit Code
Leaving vuln.today