Vulnerabilities > CVE-2024-8690 - Unspecified vulnerability in Paloaltonetworks Cortex XDR Agent 7.9.102

CVSS 4.4 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

HIGH

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

local

low complexity

paloaltonetworks

NVD

Published: 2024-09-11

Updated: 2024-10-15

Summary

A problem with a detection mechanism in the Palo Alto Networks Cortex XDR agent on Windows devices enables a user with Windows administrator privileges to disable the agent. This issue may be leveraged by malware to disable the Cortex XDR agent and then to perform malicious activity.

Vulnerable Configurations

Part	Description	Count
Application	Paloaltonetworks Paloaltonetworks Cortex XDR Agent 7.9.102	1
OS	Microsoft Microsoft Windows -	1

References

https://security.paloaltonetworks.com/CVE-2024-8690