CVE-2024-5912

Summary

An improper file signature check in Palo Alto Networks Cortex XDR agent may allow an attacker to bypass the Cortex XDR agent's executable blocking capabilities and run untrusted executables on the device. This issue can be leveraged to execute untrusted software without being detected or blocked.

Affected Software

VendorProductVersion RangeStatus
Palo Alto NetworksCortex XDR Agent8.4unaffected
Palo Alto NetworksCortex XDR Agent8.3-CEunaffected
Palo Alto NetworksCortex XDR Agent8.3unaffected
Palo Alto NetworksCortex XDR Agent7.9-CE < 7.9.102-CEaffected
Palo Alto NetworksCortex XDR Agent8.2 < 8.2.2affected

Weaknesses

  • CWE-347: CWE-347 Improper Verification of Cryptographic Signature

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References