Severity by source
CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:U/V:D/RE:M/U:Amber
Primary rating from Vendor (palo_alto) · only source for this CVE.
CVSS VectorVendor: palo_alto
CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:U/V:D/RE:M/U:Amber
Lifecycle Timeline
7DescriptionCVE.org
A problem with a protection mechanism in the Palo Alto Networks Cortex XDR agent on Windows allows a local Windows administrator to disable the agent. This issue may be leveraged by malware to perform malicious activity without detection.
AnalysisAI
Cortex XDR agent on Windows versions 7.9-CE through 9.0 allows authenticated local administrators to disable the agent through a protection mechanism bypass, enabling malware to operate undetected. The vulnerability requires high privileges and local access, but creates a critical detection evasion vector when exploited by administratively compromised systems or insider threats. No public exploit code or active exploitation has been reported at time of analysis.
Technical ContextAI
Cortex XDR agent on Windows implements protection mechanisms (CWE-15: Improper Isolation or Containment of Security-Relevant Resources) designed to prevent unauthorized modification or termination of the security agent process. The vulnerability stems from insufficient validation or enforcement of these protective controls, allowing a local administrator with high privilege context (PR:H per CVSS vector) to bypass intended restrictions and disable the agent entirely. This affects the agent's core function as an endpoint detection and response (EDR) tool, rendering security monitoring on the compromised host ineffective. The affected product spans multiple version branches: Cortex XDR Agent 8.9.x (fixed in 8.9.1), 9.0.x (fixed in 9.0.1), 7.9-CE (fixed in 7.9-CE-CU-2120), 8.3-CE (fixed in 8.3-CE-CU-2120), and 8.7-CE (fixed in 8.7.101-CE), as identified via CPE cpe:2.3:a:palo_alto_networks:cortex_xdr_agent.
RemediationAI
Vendor-released patches are available: upgrade Cortex XDR Agent to version 8.9.1 or later for the 8.9 branch, 9.0.1 or later for the 9.0 branch, 7.9-CE-CU-2120 or later for 7.9-CE, 8.3-CE-CU-2120 or later for 8.3-CE, or 8.7.101-CE or later for 8.7-CE. Interim mitigation includes restricting local Windows administrator privileges on endpoints running Cortex XDR Agent, implementing privileged access management (PAM) to audit and limit admin account usage, and monitoring agent process status and integrity via existing SIEM or EDR tools if available. Organizations should prioritize patching systems where local admin credentials are widely distributed or shared. Consult https://security.paloaltonetworks.com/CVE-2026-0232 for detailed deployment guidance and version-specific patch availability.
More in Cortex Xdr Agent
View allA problem with a protection mechanism in the Palo Alto Networks Cortex XDR agent on Windows devices allows a local user
A local privilege escalation (PE) vulnerability exists in the Palo Alto Networks Cortex XDR agent on Windows platforms t
A local privilege escalation vulnerability exists in the Palo Alto Networks Cortex XDR agent on Windows platforms that e
A local privilege escalation vulnerability exists in Palo Alto Networks Cortex XDR Agent on the Windows platform that al
A problem with a protection mechanism in the Palo Alto Networks Cortex XDR agent on Windows devices allows a low privile
An information exposure vulnerability in the Palo Alto Networks Cortex XDR agent on Windows devices allows a local syste
A local privilege escalation (PE) vulnerability exists in Palo Alto Networks Cortex XDR agent software on Windows that e
A local privilege escalation (PE) vulnerability exists in Palo Alto Networks Cortex XDR agent software on Windows that e
A problem with a detection mechanism in the Palo Alto Networks Cortex XDR agent on Windows devices enables a user with W
A problem with a detection mechanism in the Palo Alto Networks Cortex XDR agent on Windows devices enables a user with W
A problem with a protection mechanism in the Palo Alto Networks Cortex XDR agent on Windows devices allows a local user
An improper link resolution vulnerability in the Palo Alto Networks Cortex XDR agent on Windows devices allows a local a
Same technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-21895
GHSA-hvx7-jqjg-r7r7