Palo_altoCVELIST:CVE-2023-0002CVE-2023-0002 Cortex XDR Agent: Product Disruption by Local Windows User
5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
7.9 High
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
5.1%
A problem with a protection mechanism in the Palo Alto Networks Cortex XDR agent on Windows devices allows a local user to execute privileged cytool commands that disable or uninstall the agent.
CNA Affected
[
{
"defaultStatus": "unaffected",
"platforms": [
"Windows"
],
"product": "Cortex XDR agent",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "7.9 All"
},
{
"status": "unaffected",
"version": "7.8 All"
},
{
"changes": [
{
"at": "7.5.101-CE",
"status": "unaffected"
}
],
"lessThan": "7.5.101-CE",
"status": "affected",
"version": "7.5",
"versionType": "custom"
},
{
"changes": [
{
"at": "5.0.12.22203",
"status": "unaffected"
}
],
"lessThan": "5.0.12.22203",
"status": "affected",
"version": "5.0",
"versionType": "custom"
}
]
}
]Related
5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
7.9 High
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
5.1%