SecuriTricks - CVE-2024-5912

Product(s) Impacted

Palo Alto Networks Cortex XDR agent

Description

An improper file signature check in Palo Alto Networks Cortex XDR agent may allow an attacker to bypass the Cortex XDR agent's executable blocking capabilities and run untrusted executables on the device. This issue can be leveraged to execute untrusted software without being detected or blocked.

Weaknesses

CWE-347

Improper Verification of Cryptographic Signature

The product does not verify, or incorrectly verifies, the cryptographic signature for data.

CWE ID: 347

Date

Published: July 10, 2024, 7:15 p.m.

Last Modified: July 10, 2024, 7:15 p.m.

Status : Received

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

psirt@paloaltonetworks.com

CVE-2024-5912

Tags

Product(s) Impacted

Description

Weaknesses

CWE-347

Improper Verification of Cryptographic Signature

Date

Status : Received

Source

References

CVE-2024-5912

Tags

Product(s) Impacted

Description

Weaknesses

CWE-347

Improper Verification of Cryptographic Signature

Date

Status : Received

Source

References

Share