CVE-2023-3280 — Improper Handling of Exceptional Conditions in Palo Alto Networks Cortex XDR Agent

CWE-755 — Improper Handling of Exceptional Conditions4 documents4 sources

Severity

5.5MEDIUMNVD

EPSS

0.1%

top 75.46%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Palo Alto Networks Cortex XDR Agent Paloaltonetworks Cortex XDR Agent Paloalto Cortex XDR Agent

Timeline

PublishedSep 13

Description

A problem with a protection mechanism in the Palo Alto Networks Cortex XDR agent on Windows devices allows a local user to disable the agent.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages3 packages

▶NVDpaloaltonetworks/cortex_xdr_agent7.9.0 — 7.9.3+4

▶CVEListV5palo_alto_networks/cortex_xdr_agent7.9 — 7.9.3+4

▶Palo Altopaloalto/cortex_xdr_agent

🔴Vulnerability Details

GHSA

GHSA-6677-fgc8-98h4: A problem with a protection mechanism in the Palo Alto Networks Cortex XDR agent on Windows devices allows a local user to disable the agent↗2023-09-13

▶

CVEList

Cortex XDR Agent: Local Windows User Can Disable the Agent↗2023-09-13

▶

📋Vendor Advisories

Palo Alto

Cortex XDR Agent: Local Windows User Can Disable the Agent↗2023-09-13

▶