Products
Palo Alto Networks Cortex XDR agent
Source
psirt@paloaltonetworks.com
Tags
CVE-2024-5912 details
Published : July 10, 2024, 7:15 p.m.
Last Modified : July 10, 2024, 7:15 p.m.
Last Modified : July 10, 2024, 7:15 p.m.
Description
An improper file signature check in Palo Alto Networks Cortex XDR agent may allow an attacker to bypass the Cortex XDR agent's executable blocking capabilities and run untrusted executables on the device. This issue can be leveraged to execute untrusted software without being detected or blocked.
CVSS Score
| 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 |
|---|
Weakness
| Weakness | Name | Description |
|---|---|---|
| CWE-347 | Improper Verification of Cryptographic Signature | The product does not verify, or incorrectly verifies, the cryptographic signature for data. |
References
| URL | Source |
|---|---|
| https://security.paloaltonetworks.com/CVE-2024-5912 | psirt@paloaltonetworks.com |
This website uses the NVD API, but is not approved or certified by it.