CVE-2024-5907

Summary

A privilege escalation (PE) vulnerability in the Palo Alto Networks Cortex XDR agent on Windows devices enables a local user to execute programs with elevated privileges. However, execution does require the local user to successfully exploit a race condition, which makes this vulnerability difficult to exploit.

Affected Software

VendorProductVersion RangeStatus
Palo Alto NetworksCortex XDR Agent7.9-CE < 7.9.102-CEaffected
Palo Alto NetworksCortex XDR Agent8.1.0affected
Palo Alto NetworksCortex XDR Agent8.2.0 < 8.2.3affected
Palo Alto NetworksCortex XDR Agent8.3.0 < 8.3.1affected
Palo Alto NetworksCortex XDR Agent8.4.0unaffected

Weaknesses

  • CWE-269: CWE-269 Improper Privilege Management

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

CVE Program Container

Additional References

References