Cortex Xdr Agent
CVE-2024-5907
MEDIUM
Severity by source
CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:U/V:D/RE:M/U:Amber
Primary rating from Vendor (paloaltonetworks) · only source for this CVE.
CVSS VectorVendor: paloaltonetworks
CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:U/V:D/RE:M/U:Amber
Lifecycle Timeline
1DescriptionCVE.org
A privilege escalation (PE) vulnerability in the Palo Alto Networks Cortex XDR agent on Windows devices enables a local user to execute programs with elevated privileges. However, execution does require the local user to successfully exploit a race condition, which makes this vulnerability difficult to exploit.
AnalysisAI
A privilege escalation (PE) vulnerability in the Palo Alto Networks Cortex XDR agent on Windows devices enables a local user to execute programs with elevated privileges. Rated medium severity (CVSS 5.2). No vendor patch available.
Technical ContextAI
This vulnerability is classified as Improper Privilege Management (CWE-269), which allows attackers to escalate privileges to gain unauthorized elevated access. A privilege escalation (PE) vulnerability in the Palo Alto Networks Cortex XDR agent on Windows devices enables a local user to execute programs with elevated privileges. However, execution does require the local user to successfully exploit a race condition, which makes this vulnerability difficult to exploit. Affected products include: Paloaltonetworks Cortex Xdr Agent.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply principle of least privilege, validate privilege transitions, implement proper role separation.
More in Cortex Xdr Agent
View allA problem with a protection mechanism in the Palo Alto Networks Cortex XDR agent on Windows devices allows a local user
A local privilege escalation (PE) vulnerability exists in the Palo Alto Networks Cortex XDR agent on Windows platforms t
A local privilege escalation vulnerability exists in the Palo Alto Networks Cortex XDR agent on Windows platforms that e
A local privilege escalation vulnerability exists in Palo Alto Networks Cortex XDR Agent on the Windows platform that al
A problem with a protection mechanism in the Palo Alto Networks Cortex XDR agent on Windows devices allows a low privile
An information exposure vulnerability in the Palo Alto Networks Cortex XDR agent on Windows devices allows a local syste
A local privilege escalation (PE) vulnerability exists in Palo Alto Networks Cortex XDR agent software on Windows that e
A local privilege escalation (PE) vulnerability exists in Palo Alto Networks Cortex XDR agent software on Windows that e
A problem with a detection mechanism in the Palo Alto Networks Cortex XDR agent on Windows devices enables a user with W
A problem with a detection mechanism in the Palo Alto Networks Cortex XDR agent on Windows devices enables a user with W
A problem with a protection mechanism in the Palo Alto Networks Cortex XDR agent on Windows devices allows a local user
An improper link resolution vulnerability in the Palo Alto Networks Cortex XDR agent on Windows devices allows a local a
Same weakness CWE-269 – Improper Privilege Management
View allSame technique Privilege Escalation
View allShare
External POC / Exploit Code
Leaving vuln.today