History: Jul 10, 2024 - 6:40 p.m.

CVE-2024-5912 Cortex XDR Agent: Improper File Signature Verification Checks

2024-07-10 18:40:16
CWE-347
palo_alto
www.cve.org
13
cve-2024-5912
palo alto networks
executable blocking
untrusted executables
security bypass

CVSS4

6.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/SC:N/VI:H/SI:N/VA:N/SA:N/AU:N/U:Amber/R:U/V:C/RE:M

EPSS

0

Percentile

9.3%

An improper file signature check in Palo Alto Networks Cortex XDR agent may allow an attacker to bypass the Cortex XDR agent’s executable blocking capabilities and run untrusted executables on the device. This issue can be leveraged to execute untrusted software without being detected or blocked.

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "Cortex XDR Agent",
    "vendor": "Palo Alto Networks",
    "versions": [
      {
        "status": "unaffected",
        "version": "8.4",
        "versionType": "custom"
      },
      {
        "status": "unaffected",
        "version": "8.3-CE",
        "versionType": "custom"
      },
      {
        "status": "unaffected",
        "version": "8.3",
        "versionType": "custom"
      },
      {
        "changes": [
          {
            "at": "7.9.102-CE",
            "status": "unaffected"
          }
        ],
        "lessThan": "7.9.102-CE",
        "status": "affected",
        "version": "7.9-CE",
        "versionType": "custom"
      },
      {
        "changes": [
          {
            "at": "8.2.2",
            "status": "unaffected"
          }
        ],
        "lessThan": "8.2.2",
        "status": "affected",
        "version": "8.2",
        "versionType": "custom"
      }
    ]
  }
]
