Palo Alto Networks Cortex Xdr Agent
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Palo Alto Networks Cortex Xdr Agent.
By the Year
In 2026 there have been 1 vulnerability in Palo Alto Networks Cortex Xdr Agent. Cortex Xdr Agent did not have any published security vulnerabilities last year. That is, 1 more vulnerability have already been reported in 2026 as compared to last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 1 | 0.00 |
| 2025 | 0 | 0.00 |
| 2024 | 5 | 5.36 |
| 2023 | 0 | 0.00 |
| 2022 | 1 | 7.80 |
| 2021 | 0 | 0.00 |
| 2020 | 1 | 5.50 |
It may take a day or so for new Cortex Xdr Agent vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Palo Alto Networks Cortex Xdr Agent Security Vulnerabilities
Local Admin Can Disable Palo Alto Cortex XDR on macOS
CVE-2026-0230
- March 11, 2026
A problem with a protection mechanism in the Palo Alto Networks Cortex XDR agent on macOS allows a local administrator to disable the agent. This issue could be leveraged by malware to perform malicious activity without detection.
Improper Check for Unusual or Exceptional Conditions
Cortex XDR Agent: Non-Admin Can Disable via Detection Bypass
CVE-2024-9469
5.5 - Medium
- October 09, 2024
A problem with a detection mechanism in the Palo Alto Networks Cortex XDR agent on Windows devices enables a user with Windows non-administrative privileges to disable the agent. This issue may be leveraged by malware to disable the Cortex XDR agent and then to perform malicious activity.
Improper Check for Unusual or Exceptional Conditions
CVE-2024-8690: Admin-Privilege Enable Agent Disable in Palo Alto XDR for Windows
CVE-2024-8690
4.4 - Medium
- September 11, 2024
A problem with a detection mechanism in the Palo Alto Networks Cortex XDR agent on Windows devices enables a user with Windows administrator privileges to disable the agent. This issue may be leveraged by malware to disable the Cortex XDR agent and then to perform malicious activity.
Cortex XDR Agent Windows Local-Priv User Can Disable Agent
CVE-2024-5909
5.5 - Medium
- June 12, 2024
A problem with a protection mechanism in the Palo Alto Networks Cortex XDR agent on Windows devices allows a low privileged local Windows user to disable the agent. This issue may be leveraged by malware to disable the Cortex XDR agent and then to perform malicious activity.
Improper Privilege Management
Cortex XDR Agent Windows PE via Race Condition
CVE-2024-5907
7 - High
- June 12, 2024
A privilege escalation (PE) vulnerability in the Palo Alto Networks Cortex XDR agent on Windows devices enables a local user to execute programs with elevated privileges. However, execution does require the local user to successfully exploit a race condition, which makes this vulnerability difficult to exploit.
CVE-2024-5905: Local Low-Privileged Disruption of Cortex XDR Agent
CVE-2024-5905
4.4 - Medium
- June 12, 2024
A problem with a protection mechanism in the Palo Alto Networks Cortex XDR agent on Windows devices allows a local low privileged Windows user to disrupt some functionality of the agent. However, they are not able to disrupt Cortex XDR agent protection mechanisms using this vulnerability.
A local privilege escalation (PE) vulnerability exists in the Palo Alto Networks Cortex XDR agent
CVE-2022-0015
7.8 - High
- January 12, 2022
A local privilege escalation (PE) vulnerability exists in the Palo Alto Networks Cortex XDR agent that enables an authenticated local user to execute programs with elevated privileges. This issue impacts: Cortex XDR agent 5.0 versions earlier than Cortex XDR agent 5.0.12; Cortex XDR agent 6.1 versions earlier than Cortex XDR agent 6.1.9.
DLL preloading
An improper handling of exceptional conditions vulnerability in Cortex XDR Agent allows a local authenticated Windows user to create files in the software's internal program directory
CVE-2020-2020
5.5 - Medium
- December 09, 2020
An improper handling of exceptional conditions vulnerability in Cortex XDR Agent allows a local authenticated Windows user to create files in the software's internal program directory that prevents the Cortex XDR Agent from starting. The exceptional condition is persistent and prevents Cortex XDR Agent from starting when the software or machine is restarted. This issue impacts: Cortex XDR Agent 5.0 versions earlier than 5.0.10; Cortex XDR Agent 6.1 versions earlier than 6.1.7; Cortex XDR Agent 7.0 versions earlier than 7.0.3; Cortex XDR Agent 7.1 versions earlier than 7.1.2.
Improper Handling of Exceptional Conditions
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Palo Alto Networks Cortex Xdr Agent or by Palo Alto Networks? Click the Watch button to subscribe.
