Vulnerability Details CVE-2024-5907
A privilege escalation (PE) vulnerability in the Palo Alto Networks Cortex XDR agent on Windows devices enables a local user to execute programs with elevated privileges. However, execution does require the local user to successfully exploit a race condition, which makes this vulnerability difficult to exploit.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 28.7%
CVSS Severity
CVSS v3 Score 7.0
References
Products affected by CVE-2024-5907
-
cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:*
-
cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:7.9
-
cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:7.9.100
-
cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:7.9.101
-
cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:8.3
-
cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:8.3.0