Cortex XDR Agent Windows PE via Race Condition
CVE-2024-5907 Published on June 12, 2024
Cortex XDR Agent: Local Privilege Escalation (PE) Vulnerability
A privilege escalation (PE) vulnerability in the Palo Alto Networks Cortex XDR agent on Windows devices enables a local user to execute programs with elevated privileges. However, execution does require the local user to successfully exploit a race condition, which makes this vulnerability difficult to exploit.
Timeline
Initial publication
Weakness Type
Improper Privilege Management
The software does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.
Products Associated with CVE-2024-5907
Want to know whenever a new CVE is published for Palo Alto Networks Cortex Xdr Agent? stack.watch will email you.
Affected Versions
Palo Alto Networks Cortex XDR Agent:- Version 7.9-CE and below 7.9.102-CE is affected.
- Version 8.1.0 is affected.
- Version 8.2.0 and below 8.2.3 is affected.
- Version 8.3.0 and below 8.3.1 is affected.
- Version 8.4.0 is unaffected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.