CVE-2023-0001

MEDIUM

Palo Alto Networks Cortex XDR < - Info Disclosure

Title source: llm

Description

An information exposure vulnerability in the Palo Alto Networks Cortex XDR agent on Windows devices allows a local system administrator to disclose the admin password for the agent in cleartext, which bad actors can then use to execute privileged cytool commands that disable or uninstall the agent.

Exploits (1)

metasploit WRITEUP
ruby poc
https://github.com/rapid7/metasploit-framework/blob/master/spec/support/shared/examples/msf/db_manager/vuln.rb

Scores

CVSS v3 6.0
EPSS 0.0047
EPSS Percentile 64.4%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H

Details

CWE
CWE-319
Status published
Products (1)
paloaltonetworks/cortex_xdr_agent 7.5 - 7.5.101
Published Feb 08, 2023
Tracked Since Feb 18, 2026