CVE-2022-0029

Cortex XDR Agent: Improper Link Resolution Vulnerability When Generating a Tech Support File

CVSS 5.5 MEDIUMEPSS 0.2%CWE-59

An improper link resolution vulnerability in the Palo Alto Networks Cortex XDR agent on Windows devices allows a local attacker to read files on the system with elevated privileges when generating a tech support file.

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Produtos afetados

Palo Alto Networks · Cortex XDR Agent

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://security.paloaltonetworks.com/CVE-2022-0029