CVE-2024-9469 Cortex XDR Agent: Local Windows User Can Disable the Agent (Severity: MEDIUM)
A vulnerability identified as CVE-2024-9469 has been discovered in the Palo Alto Networks Cortex XDR agent for Windows. This flaw allows a local Windows user without administrative privileges to disable the agent, potentially enabling malware to bypass the agent's protections and carry out malicious activities. The issue has a CVSSv4.0 Base Score of 5.7, indicating a medium severity level. The affected versions include Cortex XDR Agent 8.4 prior to 8.4.1, Cortex XDR Agent 8.3 prior to 8.3.1, and Cortex XDR Agent 7.9-CE prior to 7.9.102-CE on Windows. Palo Alto Networks has addressed this vulnerability in Cortex XDR Agent versions 7.9.102-CE, 8.3.1, 8.4.1, and all subsequent releases. The company acknowledges Orange Cyberdefense Switzerland's Research Team for reporting the issue and confirms that there are no known instances of malicious exploitation of this vulnerability as of the initial publication date on October 9, 2024. CVEs: CVE-2024-9469 [View Article](https://security.paloaltonetworks.com/CVE-2024-9469)