paloalto
Palo Alto Networks Product Security Incident Response Team
PA-CVE-2023-0002
Feb 08, 2023 - 5:00 p.m.

Cortex XDR Agent: Product Disruption by Local Windows User

2023-02-08 17:00:00
Palo Alto Networks Product Security Incident Response Team
securityadvisories.paloaltonetworks.com
Tags: palo alto networks, cortex xdr, windows, local user, privileged commands, disruption, software

CVSS3: 7.8

Attack Vector: LOCAL
Attack Complexity: LOW
Privileges Required: LOW
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: HIGH
Availability Impact: HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS: 0
Percentile: 5.1%

A problem with a protection mechanism in the Palo Alto Networks Cortex XDR agent on Windows devices allows a local user to execute privileged cytool commands that disable or uninstall the agent.

Workaround:
There are no known workarounds for this issue.

Affected configurations

Vendor: software, Product: cortex_xdr_agent, Range: <5.0.12.22203 on Windows
OR
Vendor: software, Product: cortex_xdr_agent, Range: <7.5.101-CE on Windows

Vendor | Product | Version | CPE
software | cortex_xdr_agent | * | cpe:2.3:a:software:cortex_xdr_agent:*:*:*:*:*:*:*:*
