CVE-2026-0231

An information disclosure vulnerability in Palo Alto Networks Cortex XDR® Broker VM allows an authenticated user to obtain and modify sensitive information by triggering live terminal session via Cortex UI and modifying any configuration setting. The attacker must have network access to the Broke...

EUVD-2026-11251

An information disclosure vulnerability in Palo Alto Networks Cortex XDR® Broker VM allows an authenticated user to obtain and modify sensitive information by triggering live terminal session via Cortex UI and modifying any configuration setting. The attacker must have network access to the Broke...

CVE-2026-0231

An information disclosure vulnerability in Palo Alto Networks Cortex XDR® Broker VM allows an authenticated user to obtain and modify sensitive information by triggering live terminal session via Cortex UI and modifying any configuration setting. The attacker must have network access to the Broke...

CVE-2026-0231 Cortex XDR Broker VM: Sensitive Information Disclosure Vulnerability

An information disclosure vulnerability in Palo Alto Networks Cortex XDR® Broker VM allows an authenticated user to obtain and modify sensitive information by triggering live terminal session via Cortex UI and modifying any configuration setting. The attacker must have network access to the Broke...

CVE-2026-0231

Summary: An information disclosure vulnerability in Palo Alto Networks Cortex XDR Broker VM allows an authenticated, HIGH-privilege user with LOCAL access to trigger a live terminal session through the Cortex UI and modify configuration settings, exposing sensitive information and affecting confi...

CVE-2026-0231 Cortex XDR Broker VM: Sensitive Information Disclosure Vulnerability

An information disclosure vulnerability in Palo Alto Networks Cortex XDR® Broker VM allows an authenticated user to obtain and modify sensitive information by triggering live terminal session via Cortex UI and modifying any configuration setting. The attacker must have network access to the Broke...

PT-2026-24755

An information disclosure vulnerability in Palo Alto Networks Cortex XDR® Broker VM allows an authenticated user to obtain and modify sensitive information by triggering live terminal session via Cortex UI and modifying any configuration setting. The attacker must have network access to the Broke...

CVE-2022-0014

An untrusted search path vulnerability exists in the Palo Alto Networks Cortex XDR agent that enables a local attacker with file creation privilege in the Windows root directory such as C:\ to store a program that can then be unintentionally executed by another local user when that user utilizes ...

Design/Logic Flaw

An untrusted search path vulnerability exists in the Palo Alto Networks Cortex XDR agent that enables a local attacker with file creation privilege in the Windows root directory such as C:\ to store a program that can then be unintentionally executed by another local user when that user utilizes ...

Cortex XDR Agent: Unintended Program Execution When Using Live Terminal Session

An untrusted search path vulnerability exists in the Palo Alto Networks Cortex XDR agent that enables a local attacker with file creation privilege in the Windows root directory such as C:\ to store a program that can then be unintentionally executed by another local user when that user utilizes ...