CVE-2026-0234

Summary

An improper verification of cryptographic signature vulnerability exists in Cortex XSOAR and Cortex XSIAM platforms during integration of Microsoft Teams that enables an unauthenticated user to access and modify protected resources.

Affected Software

VendorProductVersion RangeStatus
Palo Alto NetworksCortex XSOAR Microsoft Teams Marketplace1.5.0 < 1.5.52affected
Palo Alto NetworksCortex XSIAM Microsoft Teams Marketplace1.5.0 < 1.5.52affected

Weaknesses

  • CWE-347: CWE-347 Improper Verification of Cryptographic Signature

Workarounds

No known workarounds exist for this issue.

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References