CVE-2025-0119

Summary

A command injection vulnerability in the Palo Alto Networks Cortex XDR® Broker VM allows an authenticated user to execute arbitrary OS commands with root privileges on the host operating system running Broker VM.

Affected Software

VendorProductVersion RangeStatus
Palo Alto NetworksCortex XDR Broker VM1.0.0 < 26.100.3affected

Weaknesses

  • CWE-78: CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

Workarounds

There are no known workarounds or mitigations for this issue.

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References