CVE-2023-0001

Summary

An information exposure vulnerability in the Palo Alto Networks Cortex XDR agent on Windows devices allows a local system administrator to disclose the admin password for the agent in cleartext, which bad actors can then use to execute privileged cytool commands that disable or uninstall the agent.

Affected Software

VendorProductVersion RangeStatus
Palo Alto NetworksCortex XDR agent7.9 Allunaffected
Palo Alto NetworksCortex XDR agent7.8 Allunaffected
Palo Alto NetworksCortex XDR agent7.5 < 7.5.101-CEaffected
Palo Alto NetworksCortex XDR agent5.0 Allunaffected

Weaknesses

  • CWE-319: CWE-319 Cleartext Transmission of Sensitive Information

Workarounds

There are no known workarounds for this issue.

ADP Enrichment

CVE Program Container

Additional References

References