CVE-2022-0012

Summary

An improper link resolution before file access vulnerability exists in the Palo Alto Networks Cortex XDR agent on Windows platforms that enables a local user to delete arbitrary system files and impact the system integrity or cause a denial of service condition. This issue impacts: Cortex XDR agent 5.0 versions earlier than Cortex XDR agent 5.0.12; Cortex XDR agent 6.1 versions earlier than Cortex XDR agent 6.1.9; Cortex XDR agent 7.2 versions earlier than Cortex XDR agent 7.2.4; Cortex XDR agent 7.3 versions earlier than Cortex XDR agent 7.3.2.

Affected Software

VendorProductVersion RangeStatus
Palo Alto NetworksCortex XDR Agent7.4.*unaffected
Palo Alto NetworksCortex XDR Agent7.5.*unaffected
Palo Alto NetworksCortex XDR Agent7.6.*unaffected
Palo Alto NetworksCortex XDR Agent5.0 < 5.0.12affected
Palo Alto NetworksCortex XDR Agent7.2 < 7.2.4affected
Palo Alto NetworksCortex XDR Agent7.3 < 7.3.2affected
Palo Alto NetworksCortex XDR Agent6.1 < 6.1.9affected

Weaknesses

  • CWE-59: CWE-59 Improper Link Resolution Before File Access ('Link Following')

Workarounds

There is no known workaround available for this issue.

ADP Enrichment

CVE Program Container

Additional References

References