Vulnerability in Cortex XDR Agent Affects Windows Devices by Palo Alto Networks
CVE-2025-0112

6.8MEDIUM

Key Information:

Vendor: Palo Alto Networks
Status: Cortex Xdr Agent
Vendor: CVE Published:; 20 February 2025

Badges

👾 Exploit Exists

Summary

A flaw in the detection mechanism of the Cortex XDR agent on Windows systems allows users without administrative rights to disable the agent. This vulnerability potentially opens the door for malware to disable the security agent, subsequently facilitating malicious activities on the affected systems. The issue underscores the importance of robust security measures to prevent unauthorized access and safeguard against exploitation by harmful software.

Affected Version(s)

Cortex XDR Agent Windows 8.3-CE < 8.3.101-CE

Cortex XDR Agent Windows 8.4.0

Cortex XDR Agent Windows 8.5.0 < 8.5.1

References

https://security.paloaltonetworks.com/CVE-2025-0112

vendor-advisory

CVSS V4

Score:

6.8

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Timeline

👾
Exploit known to exist
Feb 20, 2025
Vulnerability published
Feb 20, 2025