Code Injection Vulnerability in Palo Alto Networks Cortex XDR® Broker VM
CVE-2025-0134
6.5MEDIUM
Key Information:
- Vendor
Palo Alto Networks
- Status
- Vendor
- CVE Published:
- 14 May 2025
Badges
👾 Exploit Exists
What is CVE-2025-0134?
A vulnerability in Palo Alto Networks Cortex XDR® Broker VM allows authenticated users to perform code injection, enabling the execution of arbitrary code with root privileges on the underlying operating system. This poses significant risks as it can lead to unauthorized access and control over sensitive systems. Users are advised to review their security protocols and apply necessary updates to mitigate the potential impact of this vulnerability.
Affected Version(s)
Cortex XDR Broker VM 26.0.0 < 26.0.119