Low Privileged User Can Disable Palo Alto Networks Cortex XDR Agent on Windows Devices
CVE-2024-5909

5.5MEDIUM

Key Information:

Vendor: Palo Alto Networks
Status: Cortex Xdr Agent
Vendor: CVE Published:; 12 June 2024

🔔 Create Palo Alto Networks Vulnerability Alert

What is CVE-2024-5909?

A problem with a protection mechanism in the Palo Alto Networks Cortex XDR agent on Windows devices allows a low privileged local Windows user to disable the agent. This issue may be leveraged by malware to disable the Cortex XDR agent and then to perform malicious activity.

References

https://security.paloaltonetworks.com/CVE-2024-5909

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 12, 2024