What is CVE-2022-0026?

CVE-2022-0026 is a medium-severity vulnerability in Palo Alto Networks Cortex Xdr Agent, classified under CWE-282. CVSS score: 6.7/10. Published 2022-05-11.

How severe is CVE-2022-0026?

Medium severity. CVSS v3 base score is 6.7 out of 10.

Is CVE-2022-0026 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Palo Alto Networks Cortex Xdr Agent

CVE-2022-0026

A local privilege escalation (PE) vulnerability exists in Palo Alto Networks Cortex XDR agent software on Windows that enables an authenticated local user with file creation privilege in the Windows root directory (such as C:\) to execute…

EPSS: 0.000 (11.3th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 6.7 (Medium). Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H.

Affected products

Palo Alto Networks Cortex Xdr Agent — versions 7.7.* without CU-330, 7.7.* with CU-330, 7.6.* without CU-330

Weakness classification (CWE)

CWE-282

Public proof-of-concept exploits

karimhabush/cyberowl

References

security.paloaltonetworks.com/CVE-2022-0026 (x_refsource_MISC)

Frequently asked questions

What is CVE-2022-0026?: CVE-2022-0026 is a medium-severity vulnerability in Palo Alto Networks Cortex Xdr Agent, classified under CWE-282. CVSS score: 6.7/10. Published 2022-05-11.
How severe is CVE-2022-0026?: Medium severity. CVSS v3 base score is 6.7 out of 10.
Is CVE-2022-0026 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.