Difficult-to-exploit privilege escalation vulnerability in Palo Alto Networks Cortex XDR agent on Windows devices

CVE-2024-5907

7HIGH

Key Information

Status
Cortex Xdr Agent
Vendor
CVE Published:
12 June 2024

Badges

👾 Exploit Exists

Summary

A privilege escalation (PE) vulnerability in the Palo Alto Networks Cortex XDR agent on Windows devices enables a local user to execute programs with elevated privileges. However, execution does require the local user to successfully exploit a race condition, which makes this vulnerability difficult to exploit.

Affected Version(s)

Cortex XDR Agent < 7.9.102-CE

Cortex XDR Agent = 8.1.0

Cortex XDR Agent < 8.2.3

Refferences

CVSS V3.1

Score:
7
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
High
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • 👾

    Exploit known to exist

  • Vulnerability published

Collectors

NVD DatabaseMitre Database

Credit

Palo Alto Networks thanks Orange Cyberdefense Switzerland's Research Team for discovering and reporting this issue.
.