Vulnerabilities > Paloaltonetworks > Cortex XDR Agent > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-10-09 | CVE-2024-9469 | Improper Check for Unusual or Exceptional Conditions vulnerability in Paloaltonetworks Cortex XDR Agent A problem with a detection mechanism in the Palo Alto Networks Cortex XDR agent on Windows devices enables a user with Windows non-administrative privileges to disable the agent. | 5.5 |
| 2024-09-11 | CVE-2024-8690 | Unspecified vulnerability in Paloaltonetworks Cortex XDR Agent 7.9.102 A problem with a detection mechanism in the Palo Alto Networks Cortex XDR agent on Windows devices enables a user with Windows administrator privileges to disable the agent. | 4.4 |
| 2024-06-12 | CVE-2024-5905 | Unspecified vulnerability in Paloaltonetworks Cortex XDR Agent 7.9.0/7.9.101 A problem with a protection mechanism in the Palo Alto Networks Cortex XDR agent on Windows devices allows a local low privileged Windows user to disrupt some functionality of the agent. | 4.4 |
| 2024-06-12 | CVE-2024-5909 | Improper Privilege Management vulnerability in Paloaltonetworks Cortex XDR Agent A problem with a protection mechanism in the Palo Alto Networks Cortex XDR agent on Windows devices allows a low privileged local Windows user to disable the agent. | 5.5 |
| 2023-09-13 | CVE-2023-3280 | Improper Handling of Exceptional Conditions vulnerability in Paloaltonetworks Cortex XDR Agent A problem with a protection mechanism in the Palo Alto Networks Cortex XDR agent on Windows devices allows a local user to disable the agent. | 5.5 |
| 2023-02-08 | CVE-2023-0001 | Cleartext Transmission of Sensitive Information vulnerability in Paloaltonetworks Cortex XDR Agent 7.5/7.5.101 An information exposure vulnerability in the Palo Alto Networks Cortex XDR agent on Windows devices allows a local system administrator to disclose the admin password for the agent in cleartext, which bad actors can then use to execute privileged cytool commands that disable or uninstall the agent. | 6.7 |
| 2022-05-11 | CVE-2022-0026 | Unspecified vulnerability in Paloaltonetworks Cortex XDR Agent A local privilege escalation (PE) vulnerability exists in Palo Alto Networks Cortex XDR agent software on Windows that enables an authenticated local user with file creation privilege in the Windows root directory (such as C:\) to execute a program with elevated privileges. | 6.7 |
| 2022-01-12 | CVE-2022-0014 | Untrusted Search Path vulnerability in Paloaltonetworks Cortex XDR Agent An untrusted search path vulnerability exists in the Palo Alto Networks Cortex XDR agent that enables a local attacker with file creation privilege in the Windows root directory (such as C:\) to store a program that can then be unintentionally executed by another local user when that user utilizes a Live Terminal session. | 6.9 |
| 2022-01-12 | CVE-2022-0015 | Uncontrolled Search Path Element vulnerability in Paloaltonetworks Cortex XDR Agent A local privilege escalation (PE) vulnerability exists in the Palo Alto Networks Cortex XDR agent that enables an authenticated local user to execute programs with elevated privileges. | 4.6 |