Network Isolation Flaw in Palo Alto Networks Cortex XDR Broker VM
CVE-2025-0113

5.3MEDIUM

Key Information:

Vendor: Palo Alto Networks
Status: Cortex Xdr Broker Vm
Vendor: CVE Published:; 12 February 2025

Badges

👾 Exploit Exists

Summary

A vulnerability in the network isolation mechanism of Palo Alto Networks Cortex XDR Broker VM enables attackers to gain unauthorized access to Docker containers from the host network. This security lapse allows potential access to sensitive files and logs sent for analysis by the Cortex XDR Agent to the Cortex XDR server, posing serious risks to data integrity and security.

Affected Version(s)

Cortex XDR Broker VM 1.0.0 < 26.0.116

References

https://security.paloaltonetworks.com/CVE-2024-0113

vendor-advisory

CVSS V4

Score:

5.3

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

None

Attack Vector:

Physical

Attack Complexity:

Low

Attack Required:

Physical

Privileges Required:

Undefined

User Interaction:

None

Timeline

👾
Exploit known to exist
Feb 12, 2025
Vulnerability published
Feb 12, 2025
Vulnerability Reserved
Dec 20, 2024

Credit

Julian Imper at Netcloud AG