CVE-2023-3280

Summary

A problem with a protection mechanism in the Palo Alto Networks Cortex XDR agent on Windows devices allows a local user to disable the agent.

Affected Software

VendorProductVersion RangeStatus
Palo Alto NetworksCortex XDR Agent5.0affected
Palo Alto NetworksCortex XDR Agent7.5-CEaffected
Palo Alto NetworksCortex XDR Agent7.9 < 7.9.3affected
Palo Alto NetworksCortex XDR Agent7.9-CE < 7.9.101-CEaffected
Palo Alto NetworksCortex XDR Agent8.0 < 8.0.2affected
Palo Alto NetworksCortex XDR Agent8.1unaffected

Weaknesses

  • CWE-755: CWE-755 Improper Handling of Exceptional Conditions

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References