Cortex Xdr Agent
CVE-2022-0026
MEDIUM
Severity by source
AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
1DescriptionNVD
A local privilege escalation (PE) vulnerability exists in Palo Alto Networks Cortex XDR agent software on Windows that enables an authenticated local user with file creation privilege in the Windows root directory (such as C:\) to execute a program with elevated privileges. This issue impacts all versions of Cortex XDR agent without content update 330 or a later content update version.
AnalysisAI
A local privilege escalation (PE) vulnerability exists in Palo Alto Networks Cortex XDR agent software on Windows that enables an authenticated local user with file creation privilege in the Windows. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.
Technical ContextAI
This vulnerability is classified under CWE-282. A local privilege escalation (PE) vulnerability exists in Palo Alto Networks Cortex XDR agent software on Windows that enables an authenticated local user with file creation privilege in the Windows root directory (such as C:\) to execute a program with elevated privileges. This issue impacts all versions of Cortex XDR agent without content update 330 or a later content update version. Affected products include: Paloaltonetworks Cortex Xdr Agent.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
More in Cortex Xdr Agent
View allA problem with a protection mechanism in the Palo Alto Networks Cortex XDR agent on Windows devices allows a local user
A local privilege escalation (PE) vulnerability exists in the Palo Alto Networks Cortex XDR agent on Windows platforms t
A local privilege escalation vulnerability exists in the Palo Alto Networks Cortex XDR agent on Windows platforms that e
A local privilege escalation vulnerability exists in Palo Alto Networks Cortex XDR Agent on the Windows platform that al
A problem with a protection mechanism in the Palo Alto Networks Cortex XDR agent on Windows devices allows a low privile
An information exposure vulnerability in the Palo Alto Networks Cortex XDR agent on Windows devices allows a local syste
A local privilege escalation (PE) vulnerability exists in Palo Alto Networks Cortex XDR agent software on Windows that e
A problem with a detection mechanism in the Palo Alto Networks Cortex XDR agent on Windows devices enables a user with W
A problem with a detection mechanism in the Palo Alto Networks Cortex XDR agent on Windows devices enables a user with W
A problem with a protection mechanism in the Palo Alto Networks Cortex XDR agent on Windows devices allows a local user
An improper link resolution vulnerability in the Palo Alto Networks Cortex XDR agent on Windows devices allows a local a
An improper handling of exceptional conditions vulnerability in Cortex XDR Agent allows a local authenticated Windows us
Same weakness CWE-282 – Improper Ownership Management
View allSame technique Privilege Escalation
View allShare
External POC / Exploit Code
Leaving vuln.today