CVE-2024-8690 MEDIUM

CVE-2024-8690: Cortex XDR Agent: Local Windows Administrator Can Disable the Agent

Vendor Palo Alto Networks
Product Cortex XDR Agent
Weakness CWE-440
Published September 11, 2024
Last update September 11, 2024

CVSS base score

5.6/10
Attack vector Local
Attack complexity Low
Privileges required High
User interaction None
Confidentiality
Integrity

CVSS vector

CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:L/AU:N/R:U/V:D/RE:M/U:Amber

What the vulnerability does

01Description

A problem with a detection mechanism in the Palo Alto Networks Cortex XDR agent on Windows devices enables a user with Windows administrator privileges to disable the agent. This issue may be leveraged by malware to disable the Cortex XDR agent and then to perform malicious activity.

Key dates

02Disclosure timeline

September 11, 2024 CVE published
September 11, 2024 Record updated