Topic starter
Details:-
An information exposure vulnerability in the Palo Alto Networks Cortex XDR agent on Windows devices allows a local system administrator to disclose the admin password for the agent in cleartext, which bad actors can then use to execute privileged cytool commands that disable or uninstall the agent.
Vendor :- Palo Alto Networks
Posted : 16/02/2023 10:57 am
https://security.paloaltonetworks.com/CVE-2023-0001
Solution
This issue is fixed in Cortex XDR agent 7.5.101-CE and all later supported Cortex XDR agent versions. (Cortex XDR agent 5.0 is not impacted.)
After you upgrade to a fixed version of the Cortex XDR agent, you must change the agent admin password in case it was already disclosed to users.
This post was modified 1 year ago by 143 World
Posted : 16/02/2023 5:52 pm