CVE-2025-0134 MEDIUM

CVE-2025-0134: Cortex XDR Broker VM: Authenticated Code Injection Vulnerability in Broker VM

Vendor Palo Alto Networks
Product Cortex XDR Broker VM
Weakness CWE-94 · Code injection
Published May 14, 2025
Last update February 26, 2026

CVSS base score

6.5/10
Attack vector Network
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality
Integrity

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:H/SI:H/SA:H/S:N/AU:N/R:U/V:C/RE:M/U:Amber

What the vulnerability does

01Description

A code injection vulnerability in the Palo Alto Networks Cortex XDR® Broker VM allows an authenticated user to execute arbitrary code with root privileges on the host operating system running Broker VM.

Key dates

02Disclosure timeline

May 14, 2025 CVE published
February 26, 2026 Record updated

Related vulnerabilities

04Related CVE