CVE-2022-0029

Summary

An improper link resolution vulnerability in the Palo Alto Networks Cortex XDR agent on Windows devices allows a local attacker to read files on the system with elevated privileges when generating a tech support file.

Affected Software

VendorProductVersion RangeStatus
Palo Alto NetworksCortex XDR Agent7.7 < 7.7.3affected
Palo Alto NetworksCortex XDR Agent7.5 CE < 7.5.101-CEaffected
Palo Alto NetworksCortex XDR Agent5.0 < 5.0.12-hotfix updateaffected
Palo Alto NetworksCortex XDR Agent7.8 allunaffected
Palo Alto NetworksCortex XDR Agent7.7.3 < 7.7*unaffected
Palo Alto NetworksCortex XDR Agent7.5.101-CE < 7.5 CE*unaffected
Palo Alto NetworksCortex XDR Agent5.0.12-hotfix update < 5.0*unaffected

Weaknesses

  • CWE-59: CWE-59 Improper Link Resolution Before File Access ('Link Following')

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References