{"document":{"category":"csaf_vex","csaf_version":"2.1","notes":[{"category":"summary","text":"Palo Alto Networks PSIRT provided VEX document. This document is autogenerated.","title":"Cortex XDR Agent: Improper File Signature Verification Checks"}],"publisher":{"category":"vendor","name":"Palo Alto Networks","namespace":"https://security.paloaltonetworks.com"},"title":"Palo Alto Networks PSIRT provided VEX document: CVE-2024-5912","distribution":{"text":"Copyright © 2024 Palo Alto Networks. All rights reserved.","tlp":{"label":"CLEAR","url":"https://www.first.org/tlp/"}},"tracking":{"current_release_date":"2026-03-11T22:30:04.908Z","generator":{"date":"2026-03-11T22:30:04.908Z","engine":{"name":"vulnogram","version":"0.1.0-rc1"}},"id":"CVE-2024-5912","initial_release_date":"2024-07-10T16:00:00.000Z","revision_history":[{"number":"1","date":"2024-07-10T09:00:00.000Z","summary":"Initial publication"}],"status":"final","version":"1"}},"product_tree":{"branches":[{"name":"Palo Alto Networks","category":"vendor","branches":[{"name":"Cortex XDR Agent","category":"product_name","branches":[{"category":"product_version","name":"Cortex XDR Agent 8.4 None","product":{"name":"Palo Alto Networks Cortex XDR Agent","product_id":"PANW-Cortex-XDR-Agent-14"}},{"category":"product_version","name":"Cortex XDR Agent 8.4 All","product":{"name":"Palo Alto Networks Cortex XDR Agent","product_id":"PANW-Cortex-XDR-Agent-15"}},{"category":"product_version","name":"Cortex XDR Agent 8.3 All","product":{"name":"Palo Alto Networks Cortex XDR Agent","product_id":"PANW-Cortex-XDR-Agent-17"}},{"category":"product_version","name":"Cortex XDR Agent 8.3 None","product":{"name":"Palo Alto Networks Cortex XDR Agent","product_id":"PANW-Cortex-XDR-Agent-16"}},{"category":"product_version","name":"Cortex XDR Agent 8.3-CE All","product":{"name":"Palo Alto Networks Cortex XDR Agent","product_id":"PANW-Cortex-XDR-Agent-8"}},{"category":"product_version","name":"Cortex XDR Agent 8.3-CE None","product":{"name":"Palo Alto Networks Cortex XDR Agent","product_id":"PANW-Cortex-XDR-Agent-9"}},{"category":"product_version","name":"Cortex XDR Agent 8.5 None","product":{"name":"Palo Alto Networks Cortex XDR Agent","product_id":"PANW-Cortex-XDR-Agent-10"}},{"category":"product_version","name":"Cortex XDR Agent 8.5 All","product":{"name":"Palo Alto Networks Cortex XDR Agent","product_id":"PANW-Cortex-XDR-Agent-11"}},{"category":"product_version_range","name":"vers:generic/Cortex XDR Agent<7.9.102-CE","product":{"name":"Palo Alto Networks Cortex XDR Agent","product_id":"PANW-Cortex-XDR-Agent-3"}},{"category":"product_version_range","name":"vers:generic/Cortex XDR Agent>=7.9.102-CE","product":{"name":"Palo Alto Networks Cortex XDR Agent","product_id":"PANW-Cortex-XDR-Agent-3"}},{"category":"product_version_range","name":"vers:generic/Cortex XDR Agent<8.2.2","product":{"name":"Palo Alto Networks Cortex XDR Agent","product_id":"PANW-Cortex-XDR-Agent-22"}},{"category":"product_version_range","name":"vers:generic/Cortex XDR Agent>=8.2.2","product":{"name":"Palo Alto Networks Cortex XDR Agent","product_id":"PANW-Cortex-XDR-Agent-22"}}]}]}]},"vulnerabilities":[{"cve":"CVE-2024-5912","product_status":{"fixed":["PANW-Cortex-XDR-Agent-3","PANW-Cortex-XDR-Agent-22"],"known_affected":["PANW-Cortex-XDR-Agent-14","PANW-Cortex-XDR-Agent-16","PANW-Cortex-XDR-Agent-9","PANW-Cortex-XDR-Agent-10","PANW-Cortex-XDR-Agent-3","PANW-Cortex-XDR-Agent-22"],"known_not_affected":["PANW-Cortex-XDR-Agent-15","PANW-Cortex-XDR-Agent-17","PANW-Cortex-XDR-Agent-8","PANW-Cortex-XDR-Agent-11"]},"notes":[{"category":"description","text":"An improper file signature check in Palo Alto Networks Cortex XDR agent may allow an attacker to bypass the Cortex XDR agent's executable blocking capabilities and run untrusted executables on the device. This issue can be leveraged to execute untrusted software without being detected or blocked."}],"references":[{"category":"external","summary":"NVD - CVE-2024-5912","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-5912"},{"category":"self","summary":"Palo Alto Networks Security Advisory CVE-2024-5912","url":"https://security.paloaltonetworks.com/CVE-2024-5912"}],"threats":[{"category":"impact","description":"An improper file signature check in Palo Alto Networks Cortex XDR agent may allow an attacker to bypass the Cortex XDR agent's executable blocking capabilities and run untrusted executables on the device. This issue can be leveraged to execute untrusted software without being detected or blocked."}],"scores":[{"cvss_v4":{"version":"4.0","attackVector":"LOCAL","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","subConfidentialityImpact":"NONE","vulnIntegrityImpact":"HIGH","subIntegrityImpact":"NONE","vulnAvailabilityImpact":"NONE","subAvailabilityImpact":"NONE","Safety":"NOT_DEFINED","Automatable":"NO","Recovery":"USER","valueDensity":"CONCENTRATED","vulnerabilityResponseEffort":"MODERATE","providerUrgency":"AMBER","baseSeverity":"MEDIUM","baseScore":6.8,"vectorString":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/AU:N/R:U/V:C/RE:M/U:Amber"},"products":["PANW-Cortex-XDR-Agent-14","PANW-Cortex-XDR-Agent-16","PANW-Cortex-XDR-Agent-9","PANW-Cortex-XDR-Agent-10","PANW-Cortex-XDR-Agent-3","PANW-Cortex-XDR-Agent-22"]}]}]}