Vulnerability Description
A local privilege escalation vulnerability exists in Palo Alto Networks Cortex XDR Agent on the Windows platform that allows an authenticated local Windows user to execute programs with SYSTEM privileges. This requires the user to have the privilege to create files in the Windows root directory. This issue impacts: All versions of Cortex XDR Agent 7.1 with content update 149 and earlier versions; All versions of Cortex XDR Agent 7.2 with content update 149 and earlier versions.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Paloaltonetworks | Cortex Xdr Agent | >= 7.1.1, <= 7.1.3 |
| Microsoft | Windows | - |
Related Weaknesses (CWE)
References
- https://security.paloaltonetworks.com/CVE-2020-2049Vendor Advisory
- https://security.paloaltonetworks.com/CVE-2020-2049Vendor Advisory
FAQ
What is CVE-2020-2049?
CVE-2020-2049 is a vulnerability with a CVSS score of 7.8 (HIGH). A local privilege escalation vulnerability exists in Palo Alto Networks Cortex XDR Agent on the Windows platform that allows an authenticated local Windows user to execute programs with SYSTEM privile...
How severe is CVE-2020-2049?
CVE-2020-2049 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2020-2049?
Check the references section above for vendor advisories and patch information. Affected products include: Paloaltonetworks Cortex Xdr Agent, Microsoft Windows.