CVE-2024-5905: Local Low-Privileged Disruption of Cortex XDR Agent
CVE-2024-5905 Published on June 12, 2024
Cortex XDR Agent: Local Windows User Can Disrupt Functionality of the Agent
A problem with a protection mechanism in the Palo Alto Networks Cortex XDR agent on Windows devices allows a local low privileged Windows user to disrupt some functionality of the agent. However, they are not able to disrupt Cortex XDR agent protection mechanisms using this vulnerability.
Timeline
Initial publication
Weakness Type
Origin Validation Error
The software does not properly verify that the source of data or communication is valid.
Products Associated with CVE-2024-5905
Want to know whenever a new CVE is published for Palo Alto Networks Cortex Xdr Agent? stack.watch will email you.
Affected Versions
Palo Alto Networks Cortex XDR Agent:- Version 7.9-CE and below 7.9.102-CE is affected.
- Version 8.1.0 and below 8.1.2 is affected.
- Version 8.2.0 and below 8.2.1 is affected.
- Version 8.3.0 is unaffected.
- Version 8.4.0 is unaffected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.