Vulnerabilities > Paloaltonetworks > Cortex XDR Agent > 7.7

DATE CVE VULNERABILITY TITLE RISK
2022-09-14 CVE-2022-0029 Link Following vulnerability in Paloaltonetworks Cortex XDR Agent
An improper link resolution vulnerability in the Palo Alto Networks Cortex XDR agent on Windows devices allows a local attacker to read files on the system with elevated privileges when generating a tech support file.
local
low complexity
paloaltonetworks CWE-59
5.5
5.5
2022-05-11 CVE-2022-0026 Unspecified vulnerability in Paloaltonetworks Cortex XDR Agent
A local privilege escalation (PE) vulnerability exists in Palo Alto Networks Cortex XDR agent software on Windows that enables an authenticated local user with file creation privilege in the Windows root directory (such as C:\) to execute a program with elevated privileges.
local
low complexity
paloaltonetworks
6.7
6.7