CVE-2026-0232

Summary

A problem with a protection mechanism in the Palo Alto Networks Cortex XDR agent on Windows allows a local Windows administrator to disable the agent. This issue may be leveraged by malware to perform malicious activity without detection.

Affected Software

VendorProductVersion RangeStatus
Palo Alto NetworksCortex XDR Agent9.1.0 < 5.10.14unaffected
Palo Alto NetworksCortex XDR Agent9.0unaffected
Palo Alto NetworksCortex XDR Agent8.9unaffected
Palo Alto NetworksCortex XDR Agent8.7-CEunaffected
Palo Alto NetworksCortex XDR Agent9.0 < 9.0.1affected
Palo Alto NetworksCortex XDR Agent8.9 < 8.9.1affected
Palo Alto NetworksCortex XDR Agent8.7-CE < 8.7.101-CEaffected
Palo Alto NetworksCortex XDR Agent8.3-CE < 8.3-CE-CU-2120affected
Palo Alto NetworksCortex XDR Agent7.9-CE < 7.9-CE-CU-2120affected

Weaknesses

  • CWE-15: CWE-15: External Control of System or Configuration Setting

Workarounds

No known workarounds exist for this issue.

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References