NULL pointer dereference in Palo Alto Networks Cortex Xdr Agent
CVE-2025-0121
A null pointer dereference vulnerability in the Palo Alto Networks Cortex® XDR agent on Windows devices allows a low-privileged local Windows user to crash the agent. Additionally, malware can use this vulnerability to perform malicious ac…
EPSS: 0.001 (3.9th percentile) — read the EPSS interpretation.
Affected products
- Palo Alto Networks Cortex Xdr Agent — versions 8.7.0, 8.6.0, 8.5.0
Weakness classification (CWE)
References
- psirt@paloaltonetworks.com (vendor-advisory)