RCE in Palo Alto Networks Cortex Xdr Broker Vm
CVE-2025-0119
A command injection vulnerability in the Palo Alto Networks Cortex XDR® Broker VM allows an authenticated user to execute arbitrary OS commands with root privileges on the host operating system running Broker VM.
Vulnerability class: Command Injection (OS Command Injection)
EPSS: 0.005 (40.2th percentile) — read the EPSS interpretation.
Affected products
- Palo Alto Networks Cortex Xdr Broker Vm — versions 1.0.0
Weakness classification (CWE)
References
- psirt@paloaltonetworks.com (vendor-advisory)