ADVISORY!

TLP : CLEAR

Date : 15/07/2024

REF NO : CERT / 2024/07/63

Palo Alto Cortex XDR Agent Security Restriction Bypass Vulnerability

Severity Level: Medium

Components Affected

  • Cortex XDR Agent 8.2 versions prior to 8.2.2
  • Cortex XDR Agent 7.9-CE versions prior to 7.9.102-CE

Overview

A vulnerability has been identified in Palo Alto Cortex XDR Agent. A remote attacker can exploit this vulnerability to trigger a security restriction bypass on the targeted system.

Description

An improper file signature check in Palo Alto Networks Cortex XDR agent may allow an attacker to bypass the Cortex XDR agent’s executable blocking capabilities and run untrusted executables on the device. This issue can be leveraged to execute untrusted software without being detected or blocked.

Impact

  • Security Restriction Bypass

Solution/Workarounds

Before installing the software, please visit the vendor website for more details.

Reference

Disclaimer : The information provided herein is on an “as is” basis, without warranty of any kind.

Sri Lanka Computer Emergency Readiness Team | Coordination Centre

Copyright © 2023 SRI LANKA CERT | CC