PT-2024-5017 · Palo Alto Networks · Palo Alto Networks Cortex Xdr Agent
Maximilan Pappert
·
Published
2024-07-10
·
Updated
2024-07-11
·
CVE-2024-5912
CVSS v4.0
6.8
Medium
| Vector | AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:U/V:C/RE:M/U:Amber |
Name of the Vulnerable Software and Affected Versions:
Palo Alto Networks Cortex XDR agent (affected versions not specified)
Description:
The issue is related to an improper file signature check in the Palo Alto Networks Cortex XDR agent, which may allow an attacker to bypass the agent's executable blocking capabilities. This can enable the execution of untrusted executables on the device without being detected or blocked, potentially leading to the execution of untrusted software.
Recommendations:
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Improper Verification of Cryptographic Signature
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Palo Alto Networks Cortex Xdr Agent