Palo Alto Networks · Palo Alto Networks Cortex Xdr Agent · CVE-2022-0026
**Name of the Vulnerable Software and Affected Versions**
Palo Alto Networks Cortex XDR agent versions prior to content update 330
**Description**
A local privilege escalation issue exists in the Palo Alto Networks Cortex XDR agent software on Windows, allowing an authenticated local user with file creation privilege in the Windows root directory to execute a program with elevated privileges.
**Recommendations**
For versions prior to content update 330, apply a content update of version 330 or later to resolve the issue. As a temporary workaround, consider restricting file creation privileges in the Windows root directory to minimize the risk of exploitation.