https://security.paloaltonetworks.com/CVE-2024-5909

NIST AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

NIST CWE-269

OR
     *cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:*:*:*:*:critical_environment:windows:*:* versions from (including) 7.9 up to (excluding) 7.9.102
     *cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:*:*:*:*:*:windows:*:* versions from (including) 8.1 up to (excluding) 8.1.2
     *cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:*:*:*:*:*:windows:*:* versions from (including) 8.2 up to (excluding) 8.2.1

https://security.paloaltonetworks.com/CVE-2024-5909 No Types Assigned

https://security.paloaltonetworks.com/CVE-2024-5909 Vendor Advisory

A problem with a protection mechanism in the Palo Alto Networks Cortex XDR agent on Windows devices allows a low privileged local Windows user to disable the agent. This issue may be leveraged by malware to disable the Cortex XDR agent and then to perform malicious activity.

Palo Alto Networks, Inc. CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:U/V:D/RE:M/U:Amber

Palo Alto Networks, Inc. CWE-269

Palo Alto Networks, Inc. https://security.paloaltonetworks.com/CVE-2024-5909 [No types assigned]