security.paloaltonetworks.com
34.49.135.97  Public Scan

Submitted URL: https://u574567.ct.sendgrid.net/ls/click?upn=u001.Mf7MWdPSfie6Atm1eagsgHU9XR5iD9zXZRfCa5aUs7To9VyJiInwgSCjtwcYqOlbxatrkYqcKKcqO7...
Effective URL: https://security.paloaltonetworks.com/CVE-2024-8690
Submission: On September 12 via api from US — Scanned from DE

Form analysis 0 forms found in the DOM

Text Content



CVE-2024-8690 CORTEX XDR AGENT: LOCAL WINDOWS ADMINISTRATOR CAN DISABLE THE AGENT

Severity 5.6 · MEDIUM
Urgency MODERATE
Response Effort MODERATE
Recovery USER
Value Density DIFFUSE
Attack Vector LOCAL
Attack Complexity LOW
Attack Requirements PRESENT
Automatable NO
User Interaction NONE
Product Confidentiality NONE
Product Integrity HIGH
Product Availability NONE
Privileges Required HIGH
Subsequent Confidentiality NONE
Subsequent Integrity NONE
Subsequent Availability LOW
Published 2024-09-11
Updated 2024-09-11
Reference CPATR-20644
Discovered externally


DESCRIPTION

A problem with a detection mechanism in the Palo Alto Networks Cortex XDR agent
on Windows devices enables a user with Windows administrator privileges to
disable the agent. This issue may be leveraged by malware to disable the Cortex
XDR agent and then to perform malicious activity.


PRODUCT STATUS

Versions                      Affected  Unaffected
Cortex XDR Agent 8.5          None      All
Cortex XDR Agent 8.4          None      All
Cortex XDR Agent 8.3-CE       None      All
Cortex XDR Agent 8.3          None      All
Cortex XDR Agent 8.2          None      All
Cortex XDR Agent 7.9.102-CE   All       None


SEVERITY: MEDIUM

CVSSv4.0 Base Score: 5.6
(CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:L/AU:N/R:U/V:D/RE:M/U:Amber)


EXPLOITATION STATUS

Palo Alto Networks is not aware of any malicious exploitation of this issue.


WEAKNESS TYPE

CWE-440: Expected Behavior Violation


SOLUTION

This issue is fixed in Cortex XDR Agent 8.2, and all later Cortex XDR Agent
versions.


ACKNOWLEDGMENTS

Palo Alto Networks thanks Ayman Sagy of CyberCX for discovering and reporting
this issue.


TIMELINE

2024-09-11 Initial publication