CVE-2024-5909

Published: Jun 12, 2024

Modified: Aug 1, 2024

PUBLISHED

Description

A problem with a protection mechanism in the Palo Alto Networks Cortex XDR agent on Windows devices allows a low privileged local Windows user to disable the agent. This issue may be leveraged by malware to disable the Cortex XDR agent and then to perform malicious activity.

Vendor	Product	Versions
Palo Alto Networks	Cortex XDR Agent	unaffected `8.4.0` unaffected `8.3.0` affected `8.2.0 - < 8.2.1` affected `8.1.0 - < 8.1.2` affected `7.9-CE - < 7.9.102-CE`

Weaknesses (CWE)

CWE-269

References

https://security.paloaltonetworks.com/CVE-2024-5909

vendor-advisory

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2024-5909

Description

Affected Products

Weaknesses (CWE)

References