We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Crisp.chat (Helpdesk and Chat)

Ok

THREATINT
PUBLISHED

CVE-2024-8690

Cortex XDR Agent: Local Windows Administrator Can Disable the Agent



Description

A problem with a detection mechanism in the Palo Alto Networks Cortex XDR agent on Windows devices enables a user with Windows administrator privileges to disable the agent. This issue may be leveraged by malware to disable the Cortex XDR agent and then to perform malicious activity.

Reserved 2024-09-11 | Published 2024-09-11 | Updated 2024-09-11 | Assigner palo_alto


MEDIUM: 5.6CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:L/AU:N/R:U/V:D/RE:M/U:Amber

Problem types

CWE-440: Expected Behavior Violation

Product status

Default status
unaffected

8.5
unaffected

8.4
unaffected

8.3
unaffected

8.3-CE
unaffected

8.2
unaffected

7.9.102-CE
affected

Timeline

2024-09-11:Initial publication

Credits

Ayman Sagy of CyberCX finder

References

security.paloaltonetworks.com/CVE-2024-8690

cve.org (CVE-2024-8690)

nvd.nist.gov (CVE-2024-8690)

Download JSON

Share this page
https://cve.threatint.com/CVE/CVE-2024-8690

Support options

Helpdesk Chat, Email, Knowledgebase
Telegram Chat
Subscribe to our newsletter to learn more about our work.