PT-2022-12960 · Palo Alto Networks · Palo Alto Networks Cortex Xdr Agent
Xavier Danest
+1
·
Published
2022-05-11
·
Updated
2022-12-09
·
CVE-2022-0026
CVSS v2.0
7.2
High
| Vector | AV:L/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Palo Alto Networks Cortex XDR agent versions prior to content update 330
Description
A local privilege escalation issue exists in the Palo Alto Networks Cortex XDR agent software on Windows, allowing an authenticated local user with file creation privilege in the Windows root directory to execute a program with elevated privileges.
Recommendations
For versions prior to content update 330, apply a content update of version 330 or later to resolve the issue. As a temporary workaround, consider restricting file creation privileges in the Windows root directory to minimize the risk of exploitation.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Palo Alto Networks Cortex Xdr Agent