Palo_altoCVELIST:CVE-2022-0026CVE-2022-0026 Cortex XDR Agent: Unintended Program Execution Leads to Local Privilege Escalation (PE) Vulnerability
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
EPSS
Percentile
5.1%
A local privilege escalation (PE) vulnerability exists in Palo Alto Networks Cortex XDR agent software on Windows that enables an authenticated local user with file creation privilege in the Windows root directory (such as C:) to execute a program with elevated privileges. This issue impacts all versions of Cortex XDR agent without content update 330 or a later content update version.
CNA Affected
[
{
"platforms": [
"Windows"
],
"product": "Cortex XDR Agent",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "affected",
"version": "7.7.* without CU-330"
},
{
"status": "unaffected",
"version": "7.7.* with CU-330"
},
{
"status": "affected",
"version": "7.6.* without CU-330"
},
{
"status": "unaffected",
"version": "7.6.* with CU-330"
},
{
"status": "affected",
"version": "7.5 CE 7.5.* without CU-330"
},
{
"status": "unaffected",
"version": "7.5 CE 7.5.* with CU-330"
},
{
"status": "affected",
"version": "7.4.* without CU-330"
},
{
"status": "unaffected",
"version": "7.4.* with CU-330"
},
{
"status": "affected",
"version": "6.1.* without CU-330"
},
{
"status": "unaffected",
"version": "6.1.* with CU-330"
},
{
"status": "affected",
"version": "7.5.* without CU-330"
},
{
"status": "unaffected",
"version": "7.5.* with CU-330"
}
]
}
]Related
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
EPSS
Percentile
5.1%