Vulnerability Description
An improper handling of exceptional conditions vulnerability in Cortex XDR Agent allows a local authenticated Windows user to create files in the software's internal program directory that prevents the Cortex XDR Agent from starting. The exceptional condition is persistent and prevents Cortex XDR Agent from starting when the software or machine is restarted. This issue impacts: Cortex XDR Agent 5.0 versions earlier than 5.0.10; Cortex XDR Agent 6.1 versions earlier than 6.1.7; Cortex XDR Agent 7.0 versions earlier than 7.0.3; Cortex XDR Agent 7.1 versions earlier than 7.1.2.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Paloaltonetworks | Cortex Xdr Agent | >= 5.0, < 5.0.10 |
Related Weaknesses (CWE)
References
- https://security.paloaltonetworks.com/CVE-2020-2020Vendor Advisory
- https://security.paloaltonetworks.com/CVE-2020-2020Vendor Advisory
FAQ
What is CVE-2020-2020?
CVE-2020-2020 is a vulnerability with a CVSS score of 5.5 (MEDIUM). An improper handling of exceptional conditions vulnerability in Cortex XDR Agent allows a local authenticated Windows user to create files in the software's internal program directory that prevents th...
How severe is CVE-2020-2020?
CVE-2020-2020 has been rated MEDIUM with a CVSS base score of 5.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2020-2020?
Check the references section above for vendor advisories and patch information. Affected products include: Paloaltonetworks Cortex Xdr Agent.