Cortex Xdr Agent
CVE-2023-0002
HIGH
Severity by source
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
1DescriptionNVD
A problem with a protection mechanism in the Palo Alto Networks Cortex XDR agent on Windows devices allows a local user to execute privileged cytool commands that disable or uninstall the agent.
AnalysisAI
A problem with a protection mechanism in the Palo Alto Networks Cortex XDR agent on Windows devices allows a local user to execute privileged cytool commands that disable or uninstall the agent. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Technical ContextAI
This vulnerability is classified under CWE-693. A problem with a protection mechanism in the Palo Alto Networks Cortex XDR agent on Windows devices allows a local user to execute privileged cytool commands that disable or uninstall the agent. Affected products include: Paloaltonetworks Cortex Xdr Agent.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
More in Cortex Xdr Agent
View allA local privilege escalation (PE) vulnerability exists in the Palo Alto Networks Cortex XDR agent on Windows platforms t
A local privilege escalation vulnerability exists in the Palo Alto Networks Cortex XDR agent on Windows platforms that e
A local privilege escalation vulnerability exists in Palo Alto Networks Cortex XDR Agent on the Windows platform that al
A problem with a protection mechanism in the Palo Alto Networks Cortex XDR agent on Windows devices allows a low privile
An information exposure vulnerability in the Palo Alto Networks Cortex XDR agent on Windows devices allows a local syste
A local privilege escalation (PE) vulnerability exists in Palo Alto Networks Cortex XDR agent software on Windows that e
A local privilege escalation (PE) vulnerability exists in Palo Alto Networks Cortex XDR agent software on Windows that e
A problem with a detection mechanism in the Palo Alto Networks Cortex XDR agent on Windows devices enables a user with W
A problem with a detection mechanism in the Palo Alto Networks Cortex XDR agent on Windows devices enables a user with W
A problem with a protection mechanism in the Palo Alto Networks Cortex XDR agent on Windows devices allows a local user
An improper link resolution vulnerability in the Palo Alto Networks Cortex XDR agent on Windows devices allows a local a
An improper handling of exceptional conditions vulnerability in Cortex XDR Agent allows a local authenticated Windows us
Same weakness CWE-693 – Protection Mechanism Failure
View allSame technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today