Palo Alto Networks Cortex XDR Agent Protection Mechanism Bypass Vulnerability on Windows

Vulnerability

A vulnerability in the Palo Alto Networks Cortex XDR agent for Windows allows local administrators to disable the agent. This flaw could be exploited by malware to carry out malicious activities without being detected. The issue arises in versions 9.0.0 prior to 9.0.1, 8.9.0 prior to 8.9.1, and 8.7.101-CE prior to 8.7.101-CE, all without Content Update 2120.

Impact

Disabling the Cortex XDR agent could allow malware to execute harmful actions on the system without detection.

Remediation

To address this vulnerability, users should update their Cortex XDR agent to version 9.0.1 or later, 8.9.1 or later, or 8.7.101-CE. For versions 8.3-CE and 7.9-CE, applying Content Update 2120 is sufficient.

Added: Apr 13, 2026, 8:26 AM
Updated: Apr 13, 2026, 8:26 AM

Vulnerability Rating

Custom Algorithm

spread: 5.4
impact: 5.0
exploitability: 2.4
remediation: 7.7
relevance: 5.8
threat: 0.0
urgency: 5.7
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.