PT-2023-1382 · Palo Alto Networks · Cortex Xdr Agent

Fernando Romero De La Morena

Publicado

2023-02-08

Atualizado

2023-02-18

CVE-2023-0002

CVSS v3.1

7.8

Alta

Vetor

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Cortex XDR Agent versions (affected versions not specified)

Description The issue is related to a problem with a protection mechanism in the Cortex XDR agent on Windows devices, allowing a local user to execute privileged commands. This can enable an attacker to disable or uninstall the agent, potentially leading to the execution of arbitrary commands.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Protection Mechanism Failure

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-693

Identificadores relacionados

BDU:2023-00740

CVE-2023-0002

Produtos afetados

Cortex Xdr Agent

PT-2023-1382 · Palo Alto Networks · Cortex Xdr Agent

CVE-2023-0002

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 6