EUVD-2022-15233

🗓️ 03 Oct 2025 20:07:09Reported by EUVDType

Improper link resolution in Cortex XDR agent allows local users to delete system files and disrupt integrity

Reporter	Title	Published	Views	Family All 8
Circl	CVE-2022-0012	12 Jan 202220:17	–	circl
CNNVD	Palo Alto Networks Cortex XDR 后置链接漏洞	12 Jan 202200:00	–	cnnvd
CVE	CVE-2022-0012	12 Jan 202217:30	–	cve
Cvelist	CVE-2022-0012 Cortex XDR Agent: Local Arbitrary File Deletion Vulnerability	12 Jan 202217:30	–	cvelist
NVD	CVE-2022-0012	12 Jan 202218:15	–	nvd
OSV	CVE-2022-0012	12 Jan 202218:15	–	osv
Palo Alto Networks	Cortex XDR Agent: Local Arbitrary File Deletion Vulnerability	12 Jan 202217:00	–	paloalto
Prion	Design/Logic Flaw	12 Jan 202218:15	–	prion

[
  {
    "enisaIdVendor": [
      {
        "id": "7736c196-f944-3ad1-8851-d99d6e3f059b",
        "vendor": {
          "name": "Palo Alto Networks"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "1179cbd1-f832-37a4-b5d5-607b8ed5def0",
        "product": {
          "name": "Cortex XDR Agent"
        },
        "product_version": "6.1 <6.1.9"
      },
      {
        "id": "49a4fbe2-c997-373f-8745-853616732992",
        "product": {
          "name": "Cortex XDR Agent"
        },
        "product_version": "7.2 <7.2.4"
      },
      {
        "id": "57592449-648e-3bc1-b988-54ea3f61b307",
        "product": {
          "name": "Cortex XDR Agent"
        },
        "product_version": "7.3 <7.3.2"
      },
      {
        "id": "80b08f1d-8e4c-332c-837e-064ea15f8ad6",
        "product": {
          "name": "Cortex XDR Agent"
        },
        "product_version": "5.0 <5.0.12"
      }
    ]
  }
]

Source	Link
security	www.security.paloaltonetworks.com/CVE-2022-0012

03 Oct 2025 20:07Current

7High risk

Vulners AI Score7

CVSS 3.16.1 - 7.1

CVSS 23.6

EPSS0.0004