Vulnerabilities > Paloaltonetworks > Cortex XDR Agent
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-10-09 | CVE-2024-9469 | Improper Check for Unusual or Exceptional Conditions vulnerability in Paloaltonetworks Cortex XDR Agent A problem with a detection mechanism in the Palo Alto Networks Cortex XDR agent on Windows devices enables a user with Windows non-administrative privileges to disable the agent. | 5.5 |
| 2024-09-11 | CVE-2024-8690 | Unspecified vulnerability in Paloaltonetworks Cortex XDR Agent 7.9.102 A problem with a detection mechanism in the Palo Alto Networks Cortex XDR agent on Windows devices enables a user with Windows administrator privileges to disable the agent. | 4.4 |
| 2024-06-12 | CVE-2024-5905 | Unspecified vulnerability in Paloaltonetworks Cortex XDR Agent 7.9.0/7.9.101 A problem with a protection mechanism in the Palo Alto Networks Cortex XDR agent on Windows devices allows a local low privileged Windows user to disrupt some functionality of the agent. | 4.4 |
| 2024-06-12 | CVE-2024-5907 | Unspecified vulnerability in Paloaltonetworks Cortex XDR Agent A privilege escalation (PE) vulnerability in the Palo Alto Networks Cortex XDR agent on Windows devices enables a local user to execute programs with elevated privileges. | 7.0 |
| 2024-06-12 | CVE-2024-5909 | Improper Privilege Management vulnerability in Paloaltonetworks Cortex XDR Agent A problem with a protection mechanism in the Palo Alto Networks Cortex XDR agent on Windows devices allows a low privileged local Windows user to disable the agent. | 5.5 |
| 2023-09-13 | CVE-2023-3280 | Improper Handling of Exceptional Conditions vulnerability in Paloaltonetworks Cortex XDR Agent A problem with a protection mechanism in the Palo Alto Networks Cortex XDR agent on Windows devices allows a local user to disable the agent. | 5.5 |
| 2023-02-08 | CVE-2023-0001 | Cleartext Transmission of Sensitive Information vulnerability in Paloaltonetworks Cortex XDR Agent 7.5 An information exposure vulnerability in the Palo Alto Networks Cortex XDR agent on Windows devices allows a local system administrator to disclose the admin password for the agent in cleartext, which bad actors can then use to execute privileged cytool commands that disable or uninstall the agent. | 6.7 |
| 2023-02-08 | CVE-2023-0002 | Unspecified vulnerability in Paloaltonetworks Cortex XDR Agent A problem with a protection mechanism in the Palo Alto Networks Cortex XDR agent on Windows devices allows a local user to execute privileged cytool commands that disable or uninstall the agent. | 7.8 |
| 2022-09-14 | CVE-2022-0029 | Link Following vulnerability in Paloaltonetworks Cortex XDR Agent An improper link resolution vulnerability in the Palo Alto Networks Cortex XDR agent on Windows devices allows a local attacker to read files on the system with elevated privileges when generating a tech support file. | 5.5 |
| 2022-05-11 | CVE-2022-0025 | Uncontrolled Search Path Element vulnerability in Paloaltonetworks Cortex XDR Agent 7.7.1 A local privilege escalation (PE) vulnerability exists in Palo Alto Networks Cortex XDR agent software on Windows that enables an authenticated local user with file creation privilege in the Windows root directory (such as C:\) to execute a program with elevated privileges. | 6.7 |