CVE-2024-5912 Vulnerability Details

  /     /     /  

CVE-2024-5912 Metadata Quick Info

CVE Published: 10/07/2024 | CVE Updated: 01/08/2024 | CVE Year: 2024
Source: palo_alto | Vendor: Palo Alto Networks | Product: Cortex XDR Agent
Status : PUBLISHED

CVE-2024-5912 Description

An improper file signature check in Palo Alto Networks Cortex XDR agent may allow an attacker to bypass the Cortex XDR agent\'s executable blocking capabilities and run untrusted executables on the device. This issue can be leveraged to execute untrusted software without being detected or blocked.

Metrics

CVSS Version: 3.1 | Base Score: n/a
Vector: n/a

l➤ Exploitability Metrics:
    Attack Vector (AV)*
    Attack Complexity (AC)*
    Privileges Required (PR)*
    User Interaction (UI)*
    Scope (S)*

l➤ Impact Metrics:
    Confidentiality Impact (C)*
    Integrity Impact (I)*
    Availability Impact (A)*

Weakness Enumeration (CWE)

CWE-ID: CWE-347
CWE Name: CWE-347 Improper Verification of Cryptographic Signature
Source: Palo Alto Networks

Common Attack Pattern Enumeration and Classification (CAPEC)

CAPEC-ID: CAPEC-554
CAPEC Description: CAPEC-554 Functionality Bypass


Source: NVD (National Vulnerability Database).

Last added CVEs

▸ CVE-2024-9999 ◂
Discovered: 12/11/2024
Status: PUBLISHED
▸ CVE-2024-9997 ◂
Discovered: 29/10/2024
Status: PUBLISHED
▸ CVE-2024-9996 ◂
Discovered: 29/10/2024
Status: PUBLISHED



Tags:
CVE-2024-5912 Vulnerability Details