Skip to main content

Cortex Xdr Agent

16 CVEs product

Monthly

CVE-2026-0232 MEDIUM PATCH This Month

Cortex XDR agent on Windows versions 7.9-CE through 9.0 allows authenticated local administrators to disable the agent through a protection mechanism bypass, enabling malware to operate undetected. The vulnerability requires high privileges and local access, but creates a critical detection evasion vector when exploited by administratively compromised systems or insider threats. No public exploit code or active exploitation has been reported at time of analysis.

Paloalto Information Disclosure Microsoft Cortex Xdr Agent
NVD VulDB
CVSS 4.0
4.0
EPSS
0.0%
CVE-2024-9469 MEDIUM This Month

A problem with a detection mechanism in the Palo Alto Networks Cortex XDR agent on Windows devices enables a user with Windows non-administrative privileges to disable the agent. Rated medium severity (CVSS 5.7), this vulnerability is low attack complexity. No vendor patch available.

Paloalto Information Disclosure Microsoft Cortex Xdr Agent
NVD
CVSS 4.0
5.7
EPSS
0.2%
CVE-2024-8690 MEDIUM This Month

A problem with a detection mechanism in the Palo Alto Networks Cortex XDR agent on Windows devices enables a user with Windows administrator privileges to disable the agent. Rated medium severity (CVSS 5.6), this vulnerability is low attack complexity. No vendor patch available.

Paloalto Information Disclosure Microsoft Cortex Xdr Agent
NVD
CVSS 4.0
5.6
EPSS
0.2%
CVE-2024-5909 MEDIUM This Month

A problem with a protection mechanism in the Palo Alto Networks Cortex XDR agent on Windows devices allows a low privileged local Windows user to disable the agent. Rated medium severity (CVSS 6.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Paloalto Microsoft Cortex Xdr Agent
NVD
CVSS 4.0
6.8
EPSS
0.4%
CVE-2024-5907 MEDIUM This Month

A privilege escalation (PE) vulnerability in the Palo Alto Networks Cortex XDR agent on Windows devices enables a local user to execute programs with elevated privileges. Rated medium severity (CVSS 5.2). No vendor patch available.

Privilege Escalation Paloalto Microsoft Cortex Xdr Agent
NVD
CVSS 4.0
5.2
EPSS
0.1%
CVE-2024-5905 LOW Monitor

A problem with a protection mechanism in the Palo Alto Networks Cortex XDR agent on Windows devices allows a local low privileged Windows user to disrupt some functionality of the agent. Rated low severity (CVSS 2.0). No vendor patch available.

Paloalto Information Disclosure Microsoft Cortex Xdr Agent
NVD
CVSS 4.0
2.0
EPSS
0.1%
CVE-2023-3280 MEDIUM This Month

A problem with a protection mechanism in the Palo Alto Networks Cortex XDR agent on Windows devices allows a local user to disable the agent. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Paloalto Microsoft Cortex Xdr Agent
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2023-0002 HIGH This Week

A problem with a protection mechanism in the Palo Alto Networks Cortex XDR agent on Windows devices allows a local user to execute privileged cytool commands that disable or uninstall the agent. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Paloalto Microsoft Cortex Xdr Agent
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2023-0001 MEDIUM POC This Month

An information exposure vulnerability in the Palo Alto Networks Cortex XDR agent on Windows devices allows a local system administrator to disclose the admin password for the agent in cleartext,. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Paloalto Microsoft Cortex Xdr Agent
NVD GitHub
CVSS 3.1
6.7
EPSS
0.2%
CVE-2022-0029 MEDIUM This Month

An improper link resolution vulnerability in the Palo Alto Networks Cortex XDR agent on Windows devices allows a local attacker to read files on the system with elevated privileges when generating a. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Information Disclosure Paloalto Cortex Xdr Agent
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2022-0026 MEDIUM This Month

A local privilege escalation (PE) vulnerability exists in Palo Alto Networks Cortex XDR agent software on Windows that enables an authenticated local user with file creation privilege in the Windows. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Microsoft Paloalto Cortex Xdr Agent
NVD
CVSS 3.1
6.7
EPSS
0.2%
CVE-2022-0025 MEDIUM This Month

A local privilege escalation (PE) vulnerability exists in Palo Alto Networks Cortex XDR agent software on Windows that enables an authenticated local user with file creation privilege in the Windows. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Microsoft Paloalto Cortex Xdr Agent
NVD
CVSS 3.1
6.7
EPSS
0.2%
CVE-2021-3042 HIGH This Week

A local privilege escalation (PE) vulnerability exists in the Palo Alto Networks Cortex XDR agent on Windows platforms that enables an authenticated local Windows user to execute programs with SYSTEM. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Privilege Escalation Paloalto Cortex Xdr Agent
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2021-3041 HIGH This Week

A local privilege escalation vulnerability exists in the Palo Alto Networks Cortex XDR agent on Windows platforms that enables an authenticated local Windows user to execute programs with SYSTEM. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Privilege Escalation Paloalto Cortex Xdr Agent
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2020-2049 HIGH This Week

A local privilege escalation vulnerability exists in Palo Alto Networks Cortex XDR Agent on the Windows platform that allows an authenticated local Windows user to execute programs with SYSTEM. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Paloalto Microsoft Cortex Xdr Agent
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2020-2020 MEDIUM This Month

An improper handling of exceptional conditions vulnerability in Cortex XDR Agent allows a local authenticated Windows user to create files in the software's internal program directory that prevents. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Information Disclosure Cortex Xdr Agent
NVD
CVSS 3.1
5.5
EPSS
0.3%
EPSS 0% CVSS 4.0
MEDIUM PATCH This Month

Cortex XDR agent on Windows versions 7.9-CE through 9.0 allows authenticated local administrators to disable the agent through a protection mechanism bypass, enabling malware to operate undetected. The vulnerability requires high privileges and local access, but creates a critical detection evasion vector when exploited by administratively compromised systems or insider threats. No public exploit code or active exploitation has been reported at time of analysis.

Paloalto Information Disclosure Microsoft +1
NVD VulDB
EPSS 0% CVSS 5.7
MEDIUM This Month

A problem with a detection mechanism in the Palo Alto Networks Cortex XDR agent on Windows devices enables a user with Windows non-administrative privileges to disable the agent. Rated medium severity (CVSS 5.7), this vulnerability is low attack complexity. No vendor patch available.

Paloalto Information Disclosure Microsoft +1
NVD
EPSS 0% CVSS 5.6
MEDIUM This Month

A problem with a detection mechanism in the Palo Alto Networks Cortex XDR agent on Windows devices enables a user with Windows administrator privileges to disable the agent. Rated medium severity (CVSS 5.6), this vulnerability is low attack complexity. No vendor patch available.

Paloalto Information Disclosure Microsoft +1
NVD
EPSS 0% CVSS 6.8
MEDIUM This Month

A problem with a protection mechanism in the Palo Alto Networks Cortex XDR agent on Windows devices allows a low privileged local Windows user to disable the agent. Rated medium severity (CVSS 6.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Paloalto Microsoft +1
NVD
EPSS 0% CVSS 5.2
MEDIUM This Month

A privilege escalation (PE) vulnerability in the Palo Alto Networks Cortex XDR agent on Windows devices enables a local user to execute programs with elevated privileges. Rated medium severity (CVSS 5.2). No vendor patch available.

Privilege Escalation Paloalto Microsoft +1
NVD
EPSS 0% CVSS 2.0
LOW Monitor

A problem with a protection mechanism in the Palo Alto Networks Cortex XDR agent on Windows devices allows a local low privileged Windows user to disrupt some functionality of the agent. Rated low severity (CVSS 2.0). No vendor patch available.

Paloalto Information Disclosure Microsoft +1
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

A problem with a protection mechanism in the Palo Alto Networks Cortex XDR agent on Windows devices allows a local user to disable the agent. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Paloalto Microsoft +1
NVD
EPSS 0% CVSS 7.8
HIGH This Week

A problem with a protection mechanism in the Palo Alto Networks Cortex XDR agent on Windows devices allows a local user to execute privileged cytool commands that disable or uninstall the agent. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Paloalto Microsoft +1
NVD
EPSS 0% CVSS 6.7
MEDIUM POC This Month

An information exposure vulnerability in the Palo Alto Networks Cortex XDR agent on Windows devices allows a local system administrator to disclose the admin password for the agent in cleartext,. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Paloalto Microsoft +1
NVD GitHub
EPSS 0% CVSS 5.5
MEDIUM This Month

An improper link resolution vulnerability in the Palo Alto Networks Cortex XDR agent on Windows devices allows a local attacker to read files on the system with elevated privileges when generating a. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Information Disclosure Paloalto +1
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

A local privilege escalation (PE) vulnerability exists in Palo Alto Networks Cortex XDR agent software on Windows that enables an authenticated local user with file creation privilege in the Windows. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Microsoft Paloalto +1
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

A local privilege escalation (PE) vulnerability exists in Palo Alto Networks Cortex XDR agent software on Windows that enables an authenticated local user with file creation privilege in the Windows. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Microsoft Paloalto +1
NVD
EPSS 0% CVSS 7.8
HIGH This Week

A local privilege escalation (PE) vulnerability exists in the Palo Alto Networks Cortex XDR agent on Windows platforms that enables an authenticated local Windows user to execute programs with SYSTEM. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Privilege Escalation Paloalto +1
NVD
EPSS 0% CVSS 7.8
HIGH This Week

A local privilege escalation vulnerability exists in the Palo Alto Networks Cortex XDR agent on Windows platforms that enables an authenticated local Windows user to execute programs with SYSTEM. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Privilege Escalation Paloalto +1
NVD
EPSS 0% CVSS 7.8
HIGH This Week

A local privilege escalation vulnerability exists in Palo Alto Networks Cortex XDR Agent on the Windows platform that allows an authenticated local Windows user to execute programs with SYSTEM. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Paloalto Microsoft +1
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

An improper handling of exceptional conditions vulnerability in Cortex XDR Agent allows a local authenticated Windows user to create files in the software's internal program directory that prevents. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Information Disclosure Cortex Xdr Agent
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy