CVE-2023-3280 Cortex XDR Agent: Local Windows User Can Disable the Agent
A problem with a protection mechanism in the Palo Alto Networks Cortex XDR agent on Windows devices allows a local user to disable the agent.
Versions | Affected | Unaffected |
---|---|---|
Cortex XDR Agent 8.1 | None | All |
Cortex XDR Agent 8.0 | < 8.0.2 on Windows | >= 8.0.2 |
Cortex XDR Agent 7.9-CE | < 7.9.101-CE on Windows | >= 7.9.101-CE |
Cortex XDR Agent 7.9 | < 7.9.3 on Windows | >= 7.9.3 |
Cortex XDR Agent 7.5-CE | All on Windows | |
Cortex XDR Agent 5.0 | All on Windows |
CVSSv3.1 Base Score:5.5 (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)
Palo Alto Networks is not aware of any malicious exploitation of this issue.
CWE-755 Improper Handling of Exceptional Conditions
This issue is fixed in Cortex XDR agent 7.9.101-CE, Cortex XDR agent 7.9.3, Cortex XDR agent 8.0.2, and all later Cortex XDR agent versions.