PT-2021-18728 · Palo Alto Networks · Palo Alto Networks Cortex Xdr Agent

Xavier Danest

Published

2021-07-15

Updated

2021-07-27

CVE-2021-3042

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Palo Alto Networks Cortex XDR agent versions 6.1 through 7.3 without content update 181 or a later version

Description A local privilege escalation issue exists in the Palo Alto Networks Cortex XDR agent on Windows platforms, allowing an authenticated local Windows user to execute programs with SYSTEM privileges. This requires the user to have file creation privilege in the Windows root directory.

Recommendations For Cortex XDR agent versions 6.1 through 7.3, apply content update 181 or a later version to resolve the issue, as these updates are automatically applied for the agent.

Fix

Uncontrolled Search Path Element

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-427

Related Identifiers

CVE-2021-3042

Affected Products

Palo Alto Networks Cortex Xdr Agent

PT-2021-18728 · Palo Alto Networks · Palo Alto Networks Cortex Xdr Agent

CVE-2021-3042

Weakness Enumeration

Related Identifiers

Affected Products

References · 4