CVE-2022-0026

A local privilege escalation (PE) vulnerability exists in Palo Alto Networks Cortex XDR agent software on Windows that enables an authenticated local user with file creation privilege in the Windows root directory (such as C:\) to execute a program with elevated privileges. This issue impacts all versions of Cortex XDR agent without content update 330 or a later content update version.
References
Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:6.1:-:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:6.1:content_update330:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:6.1.4:content_update330:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:6.1.4:hotfix:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:6.1.5:-:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:6.1.5:content_update330:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:6.1.5:hotfix:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:6.1.6:-:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:6.1.6:content_update330:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:6.1.7:-:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:6.1.7:content_update330:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:6.1.8:-:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:6.1.8:content_update330:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:6.1.9:-:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:6.1.9:content_update330:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:7.4.1:-:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:7.4.1:content_update330:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:7.4.2:-:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:7.4.2:content_update330:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:7.4.3:-:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:7.4.3:content_update330:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:7.4.4:-:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:7.4.4:content_update330:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:7.5:-:*:*:content_engine:*:*:*
cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:7.5.1:-:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:7.5.1:content_update330:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:7.5.2:-:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:7.5.2:content_update330:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:7.5.3:-:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:7.5.3:content_update330:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:7.6.1:-:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:7.6.1:content_update330:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:7.6.2:-:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:7.6.2:content_update330:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:7.7:-:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:7.7:content_update330:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:7.7.1:-:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:7.7.1:content_update330:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

History

09 Dec 2022, 18:12

Type Values Removed Values Added
CPE cpe:2.3:a:paloaltonetworks:content_update330:7.5:-:*:*:content_engine:*:*:*

23 May 2022, 17:41

Type Values Removed Values Added
First Time Paloaltonetworks
Paloaltonetworks content Update330
Paloaltonetworks cortex Xdr Agent
Microsoft
Microsoft windows
CVSS v2 : unknown
v3 : unknown
v2 : 7.2
v3 : 6.7
CPE cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:6.1.6:-:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:content_update330:7.5:-:*:*:content_engine:*:*:*
cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:7.6.2:content_update330:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:6.1.4:content_update330:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:7.6.1:-:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:7.5:-:*:*:content_engine:*:*:*
cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:6.1:-:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:6.1.9:-:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:6.1.7:-:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:7.7.1:-:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:6.1.7:content_update330:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:7.7:content_update330:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:6.1.5:-:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:7.5.3:content_update330:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:7.7.1:content_update330:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:6.1:content_update330:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:7.4.4:content_update330:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:7.5.3:-:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:7.4.1:content_update330:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:6.1.5:hotfix:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:6.1.4:hotfix:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:7.4.1:-:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:6.1.5:content_update330:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:7.6.2:-:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:7.4.2:content_update330:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:7.6.1:content_update330:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:7.5.1:-:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:6.1.6:content_update330:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:7.4.2:-:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:7.7:-:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:6.1.9:content_update330:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:7.5.2:-:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:7.4.4:-:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:7.4.3:-:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:7.4.3:content_update330:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:7.5.1:content_update330:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:6.1.8:content_update330:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:6.1.8:-:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:7.5.2:content_update330:*:*:*:*:*:*
References (MISC) https://security.paloaltonetworks.com/CVE-2022-0026 - (MISC) https://security.paloaltonetworks.com/CVE-2022-0026 - Vendor Advisory
CWE NVD-CWE-Other

11 May 2022, 17:20

Type Values Removed Values Added
New CVE

Information

Published : 2022-05-11 17:15

Updated : 2023-12-10 14:22


NVD link : CVE-2022-0026

Mitre link : CVE-2022-0026

CVE.ORG link : CVE-2022-0026


JSON object : View

Products Affected

microsoft

  • windows

paloaltonetworks

  • cortex_xdr_agent
CWE
NVD-CWE-Other CWE-282

Improper Ownership Management