Difficult-to-exploit privilege escalation vulnerability in Palo Alto Networks Cortex XDR agent on Windows devices
CVE-2024-5907
7HIGH
Key Information
- Vendor
- Palo Alto Networks
- Status
- Cortex Xdr Agent
- Vendor
- CVE Published:
- 12 June 2024
Badges
👾 Exploit Exists
Summary
A privilege escalation (PE) vulnerability in the Palo Alto Networks Cortex XDR agent on Windows devices enables a local user to execute programs with elevated privileges. However, execution does require the local user to successfully exploit a race condition, which makes this vulnerability difficult to exploit.
Affected Version(s)
Cortex XDR Agent < 7.9.102-CE
Cortex XDR Agent = 8.1.0
Cortex XDR Agent < 8.2.3
Refferences
CVSS V3.1
Score:
7
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
High
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged
Timeline
- 👾
Exploit known to exist
Vulnerability published
Collectors
NVD DatabaseMitre Database
Credit
Palo Alto Networks thanks Orange Cyberdefense Switzerland's Research Team for discovering and reporting this issue.