Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1336 CNY

100%

Cortex XDR agent — Vulnerabilities & Security Advisories 24

All 24 CVE vulnerabilities found in Cortex XDR agent, with AI-generated Chinese analysis, references, and POCs.

This page documents known vulnerabilities associated with the Cortex XDR Agent, a security solution developed by Palo Alto Networks, specifically focusing on security weaknesses and flaw types. It aggregates data regarding various common vulnerability classifications such as remote code execution, privilege escalation, and cross-site scripting, covering incidents reported from 2020 through the present. Users can utilize this resource to systematically track vendor advisories for Palo Alto Networks, gain a deeper understanding of specific weakness classes within enterprise endpoint protection platforms, and review the comprehensive vulnerability history of the Cortex XDR Agent to assess long-term security trends. The content is organized to facilitate quick reference for security analysts and system administrators who need to evaluate the risk posture of their deployment environments without navigating disparate sources. By centralizing this information, the page aims to streamline the process of identifying potential exposure points and prioritizing remediation efforts based on historical data and reported severity levels. It serves as a neutral repository for factual information regarding software defects, enabling informed decision-making regarding patch management and upgrade cycles. The scope includes both recent disclosures and older, archived findings to provide a complete historical context for the product’s security evolution.

Vendor: Palo Alto Networks

CVE IDTitleCVSSSeverityPublished
CVE-2026-0232 Cortex XDR Agent: Local Administrator can disable the agent on Windows CWE-15 6.0 -2026-04-13
CVE-2026-0230 Cortex XDR Agent: Local Administrator can disable the agent on macOS CWE-754 6.0AIMediumAI2026-03-11
CVE-2025-0121 Cortex XDR Agent: Local Windows User Can Crash the Agent CWE-476 7.1AIHighAI2025-04-11
CVE-2025-0112 Cortex XDR Agent: Local Windows User Can Disable the Agent CWE-754 7.8 -2025-02-19
CVE-2024-9469 Cortex XDR Agent: Local Windows User Can Disable the Agent CWE-754 7.8AIHighAI2024-10-09
CVE-2024-8690 Cortex XDR Agent: Local Windows Administrator Can Disable the Agent CWE-440 6.7AIMediumAI2024-09-11
CVE-2024-5912 Cortex XDR Agent: Improper File Signature Verification Checks CWE-347 8.4AIHighAI2024-07-10
CVE-2024-5909 Cortex XDR Agent: Local Windows User Can Disable the Agent CWE-269 7.8AIHighAI2024-06-12
CVE-2024-5907 Cortex XDR Agent: Local Privilege Escalation (PE) Vulnerability CWE-269 7.0AIHighAI2024-06-12
CVE-2024-5905 Cortex XDR Agent: Local Windows User Can Disrupt Functionality of the Agent CWE-346 7.1AIHighAI2024-06-12
CVE-2023-3280 Cortex XDR Agent: Local Windows User Can Disable the Agent CWE-755 5.5 Medium2023-09-13
CVE-2023-0002 Cortex XDR Agent: Product Disruption by Local Windows User CWE-693 5.5 Medium2023-02-08
CVE-2023-0001 Cortex XDR Agent: Cleartext Exposure of Agent Admin Password CWE-319 6.0 Medium2023-02-08
CVE-2022-0029 Cortex XDR Agent: Improper Link Resolution Vulnerability When Generating a Tech Support File CWE-59 5.5 Medium2022-09-14
CVE-2022-0026 Cortex XDR Agent: Unintended Program Execution Leads to Local Privilege Escalation (PE) Vulnerability CWE-282 6.7 Medium2022-05-11
CVE-2022-0025 Cortex XDR Agent: An Uncontrolled Search Path Element Leads to Local Privilege Escalation (PE) Vulnerability CWE-427 6.7 Medium2022-05-11
CVE-2022-0015 Cortex XDR Agent: An Uncontrolled Search Path Element Leads to Local Privilege Escalation (PE) Vulnerability CWE-427 7.8 High2022-01-12
CVE-2022-0014 Cortex XDR Agent: Unintended Program Execution When Using Live Terminal Session CWE-426 6.7 Medium2022-01-12
CVE-2022-0013 Cortex XDR Agent: File Information Exposure Vulnerability When Generating Support File CWE-538 5.0 Medium2022-01-12
CVE-2022-0012 Cortex XDR Agent: Local Arbitrary File Deletion Vulnerability CWE-59 6.1 Medium2022-01-12
CVE-2021-3042 Cortex XDR Agent: Improper Control of User-Controlled File Leads to Local Privilege Escalation CWE-427 7.8 High2021-07-15
CVE-2021-3041 Cortex XDR Agent: Improper control of user-controlled file leads to local privilege escalation CWE-427 7.8 High2021-06-10
CVE-2020-2049 Cortex XDR Agent: Improper control of loaded DLL leads to local privilege escalation CWE-427 7.8 High2020-12-09
CVE-2020-2020 Cortex XDR Agent: Exceptional condition denial-of-service (DoS) CWE-755 5.5 Medium2020-12-09

All 24 known CVE vulnerabilities affecting Cortex XDR agent with full Chinese analysis, references, and POCs where available.