Palo Alto Networks Security Advisories

1 - 25 of 43

CVSS	Summary	Versions	Affected	Unaffected	Published	Updated
4.3	CVE-2025-0121 Cortex XDR Agent: Local Windows User Can Crash the Agent	Cortex XDR Agent 8.7 Cortex XDR Agent 8.6 Cortex XDR Agent 8.5 Cortex XDR Agent 8.3-CE Cortex XDR Agent 7.9-CE	None on Windows < 8.6.1 on Windows < 8.5.2 on Windows < 8.3.101-CE HF on Windows < 7.9.103-CE HF on Windows	All on Windows >= 8.6.1 on Windows >= 8.5.2 on Windows >= 8.3.101-CE HF on Windows >= 7.9.103-CE HF on Windows	2025-04-09	2025-04-09
4.3	CVE-2025-0112 Cortex XDR Agent: Local Windows User Can Disable the Agent	Cortex XDR Agent 8.6 Cortex XDR Agent 8.5 Cortex XDR Agent 8.4 Cortex XDR Agent 8.3-CE	None on Windows < 8.5.1 on Windows All on Windows * < 8.3.101-CE on Windows	All on Windows >= 8.5.1 on Windows None on Windows * >= 8.3.101-CE on Windows	2025-02-12	2025-02-12
i	PAN-SA-2024-0014 Informational Bulletin: Impact of OSS CVEs in Cortex XDR Agent	Cortex XDR Agent	None	All	2024-11-07	2024-11-07
5.7	CVE-2024-9469 Cortex XDR Agent: Local Windows User Can Disable the Agent	Cortex XDR Agent 8.6 Cortex XDR Agent 8.5 Cortex XDR Agent 8.4 Cortex XDR Agent 8.3-CE Cortex XDR Agent 8.3 Cortex XDR Agent 7.9-CE	None None < 8.4.1 on Windows None < 8.3.1 on Windows < 7.9.102-CE on Windows	All All >= 8.4.1 on Windows All >= 8.3.1 on Windows >= 7.9.102-CE on Windows	2024-10-09	2024-10-09
i	CVE-2024-47076 Informational: No Impact of CUPS Vulnerabilities on Palo Alto Networks Products	Cloud NGFW Cortex XDR Cortex XDR Agent Cortex XSIAM Cortex XSOAR GlobalProtect App PAN-OS Prisma Access Prisma Access Browser Prisma Cloud Prisma Cloud Compute Prisma SD-WAN	None None None None None None None None None None None None	All All All All All All All All All All All All	2024-09-26	2024-09-26
5.6	CVE-2024-8690 Cortex XDR Agent: Local Windows Administrator Can Disable the Agent	Cortex XDR Agent 8.5 Cortex XDR Agent 8.4 Cortex XDR Agent 8.3-CE Cortex XDR Agent 8.3 Cortex XDR Agent 8.2 Cortex XDR Agent 7.9.102-CE	None None None None None All	All All All All All None	2024-09-11	2024-09-11
i	CVE-2024-5535 Informational Bulletin: Impact of OpenSSL Vulnerabilities CVE-2024-5535 and CVE-2024-6119	➔ View multiple products	None	all	2024-08-22	2024-09-04
6.8	CVE-2024-5912 Cortex XDR Agent: Improper File Signature Verification Checks	Cortex XDR Agent 8.5 Cortex XDR Agent 8.4 Cortex XDR Agent 8.3-CE Cortex XDR Agent 8.3 Cortex XDR Agent 8.2 Cortex XDR Agent 7.9-CE	None None None None < 8.2.2 < 7.9.102-CE	All All All All >= 8.2.2 >= 7.9.102-CE	2024-07-10	2024-07-10
6.8	CVE-2024-5909 Cortex XDR Agent: Local Windows User Can Disable the Agent	Cortex XDR Agent 8.4 Cortex XDR Agent 8.3 Cortex XDR Agent 8.2 Cortex XDR Agent 8.1 Cortex XDR Agent 7.9-CE	None None < 8.2.1 on Windows < 8.1.2 on Windows < 7.9.102-CE on Windows	All All >= 8.2.1 on Windows >= 8.1.2 on Windows >= 7.9.102-CE on Windows	2024-06-12	2024-06-12
2	CVE-2024-5905 Cortex XDR Agent: Local Windows User Can Disrupt Functionality of the Agent	Cortex XDR Agent 8.4 Cortex XDR Agent 8.3 Cortex XDR Agent 8.2 Cortex XDR Agent 8.1 Cortex XDR Agent 7.9-CE	None None < 8.2.1 on Windows < 8.1.2 on Windows < 7.9.102-CE on Windows	All All >= 8.2.1 on Windows >= 8.1.2 on Windows >= 7.9.102-CE on Windows	2024-06-12	2024-06-12
5.2	CVE-2024-5907 Cortex XDR Agent: Local Privilege Escalation (PE) Vulnerability	Cortex XDR Agent 8.4 Cortex XDR Agent 8.3 Cortex XDR Agent 8.2 Cortex XDR Agent 8.1 Cortex XDR Agent 7.9-CE	None < 8.3.1 on Windows < 8.2.3 on Windows All < 7.9.102-CE on Windows	All >= 8.3.1 on Windows >= 8.2.3 on Windows None >= 7.9.102-CE on Windows	2024-06-12	2024-06-12
i	PAN-SA-2024-0005 Informational Bulletin: Proof of Concept (PoC) Bypasses Protection Modules in Cortex XDR Agent	Cortex XDR Agent 8.4 Cortex XDR Agent 8.3 Cortex XDR Agent 8.2 Cortex XDR Agent 8.1 Cortex XDR Agent 8.0 Cortex XDR Agent 7.9 Cortex XDR Agent 5.0	< Agents with content update earlier than CU-1320 on Windows < Agents with content update earlier than CU-1320 on Windows < Agents with content update earlier than CU-1320 on Windows < Agents with content update earlier than CU-1320 on Windows < Agents with content update earlier than CU-1320 on Windows < Agents with content update earlier than CU-1320 on Windows All agents on Windows	>= Agents with CU-1320 or a later content update on Windows >= Agents with CU-1320 or a later content update on Windows >= Agents with CU-1320 or a later content update on Windows >= Agents with CU-1320 or a later content update on Windows >= Agents with CU-1320 or a later content update on Windows >= Agents with CU-1320 or a later content update on Windows None	2024-04-24	2024-04-24
i	CVE-2024-3094 Informational: Impact of Malicious Code in XZ Tools and Libraries (CVE-2024-3094)	➔ View multiple products	None	all	2024-04-01	2024-04-01
0	CVE-2023-38545 Impact of curl and libcurl Vulnerabilities (CVE-2023-38545, CVE-2023-38546)	➔ View multiple products	None	all	2023-10-12	2023-10-31
0	CVE-2023-44487 Impact of Rapid Reset and HTTP/2 DoS Vulnerabilities (CVE-2023-44487, CVE-2023-35945)	➔ View multiple products	None	all	2023-10-11	2023-10-25
5.5	CVE-2023-3280 Cortex XDR Agent: Local Windows User Can Disable the Agent	Cortex XDR Agent 8.1 Cortex XDR Agent 8.0 Cortex XDR Agent 7.9-CE Cortex XDR Agent 7.9 Cortex XDR Agent 7.5-CE Cortex XDR Agent 5.0	None < 8.0.2 on Windows < 7.9.101-CE on Windows < 7.9.3 on Windows All on Windows All on Windows	All >= 8.0.2 with CU-1000 or a later content update on Windows >= 7.9.101-CE with CU-1000 or a later content update on Windows >= 7.9.3 with CU-1000 or a later content update on Windows None None	2023-09-13	2023-09-22
i	PAN-SA-2023-0003 Informational Bulletin: Impact of MOVEit Vulnerabilities (CVE-2023-34362, CVE-2023-35036, CVE-2023-35708)	➔ View multiple products	None	all	2023-06-16	2023-06-20
i	PAN-SA-2023-0002 Informational Bulletin: Impact of Rorschach Ransomware	Cortex XDR Agent 5.0 Cortex XDR Agent 7.5 CE Cortex XDR Agent 7.8 Cortex XDR Agent 7.9 CE Cortex XDR Agent 8.0	All agents on Windows All agents on Windows < Agents with content update earlier than CU-240 on Windows < Agents with content update earlier than CU-240 on Windows < Agents with content update earlier than CU-240 on Windows	None None >= Agents with CU-240 or a later content update on Windows >= Agents with CU-240 or a later content update on Windows >= Agents with CU-240 or a later content update on Windows	2023-04-04	2023-04-12
0	PAN-SA-2023-0001 Impact of OpenSSL Vulnerabilities Disclosed Feb 7, 2023	➔ View multiple products	None	all	2023-02-08	2023-02-08
5.5	CVE-2023-0002 Cortex XDR Agent: Product Disruption by Local Windows User	Cortex XDR Agent 7.9 Cortex XDR Agent 7.8 Cortex XDR Agent 7.5 Cortex XDR Agent 5.0	None None < 7.5.101-CE on Windows < 5.0.12.22203 on Windows	All All >= 7.5.101-CE on Windows >= 5.0.12.22203 on Windows	2023-02-08	2023-02-08
6	CVE-2023-0001 Cortex XDR Agent: Cleartext Exposure of Agent Admin Password	Cortex XDR Agent 7.9 Cortex XDR Agent 7.8 Cortex XDR Agent 7.5 Cortex XDR Agent 5.0	None None < 7.5.101-CE on Windows None	All All >= 7.5.101-CE on Windows All	2023-02-08	2023-02-08
0	PAN-SA-2022-0007 Impact of OpenSSL 3.0 Vulnerability CVE-2022-3996	➔ View multiple products	None	all	2022-12-23	2022-12-23
0	CVE-2022-42889 Impact of Apache Text Commons Vulnerability CVE-2022-42889	➔ View multiple products	None	all	2022-11-09	2022-11-09
0	PAN-SA-2022-0006 Impact of OpenSSL 3.0 Vulnerabilities CVE-2022-3786 and CVE-2022-3602	➔ View multiple products	None	all	2022-10-31	2022-11-09
i	PAN-SA-2022-0005 Informational: Cortex XDR Agent: Product Disruption by Local Windows Administrator	Cortex XDR Agent	All agents with a content update earlier than CU-860 on Windows	All agents with CU-860 or a later content update	2022-09-14	2023-03-08

1 - 25 of 43 Download