CVE-2025-4228

Summary

An incorrect privilege assignment vulnerability in Palo Alto Networks Cortex® XDR Broker VM allows an authenticated administrative user to execute certain files available within the Broker VM and escalate their privileges to root.

Affected Software

VendorProductVersion RangeStatus
Palo Alto NetworksCortex XDR Broker VM27.0.0 < 27.0.26affected

Weaknesses

  • CWE-266: CWE-266 Incorrect Privilege Assignment

Workarounds

No known workarounds or mitigations exist for this issue.

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References