VDB
CVE-2023-3280
CVE-2023-3280
PUBLISHED
CVSS 5.5 MEDIUM
A problem with a protection mechanism in the Palo Alto Networks Cortex XDR agent on Windows devices allows a local user to disable the agent.
EPSS 0.07% · 21.5th percentile
Risk Scores
CVSS 3.1
5.5
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
EPSS Score
0.07%
21.5th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| paloaltonetworks | cortex_xdr_agent | 7.9.0, 7.9.0, 8.0.0 |
| Palo Alto Networks | Cortex XDR Agent | 7.5-CE, 7.9, 7.9-CE |
Exploit Intelligence
- Blocking Windows EDR agents by registering an own IPC-object in the Object Manager’s namespace (CVE-2023-3280, CVE-2024-5909, CVE-2024-20671) (github-poc-repo)
- Blocking Windows EDR agents by registering an own IPC-object in the Object Manager’s namespace (CVE-2023-3280, CVE-2024-5909, CVE-2024-20671) (github-poc-repo)
- Blocking Windows EDR agents by registering an own IPC-object in the Object Manager’s namespace (CVE-2023-3280, CVE-2024-5909, CVE-2024-20671) (github-poc-repo)
- Blocking Windows EDR agents by registering an own IPC-object in the Object Manager’s namespace (CVE-2023-3280, CVE-2024-5909, CVE-2024-20671) (github-poc-repo)
- Blocking Windows EDR agents by registering an own IPC-object in the Object Manager’s namespace (CVE-2023-3280, CVE-2024-5909, CVE-2024-20671) (github-poc-repo)
- Blocking Windows EDR agents by registering an own IPC-object in the Object Manager’s namespace (CVE-2023-3280, CVE-2024-5909, CVE-2024-20671) (github-poc-repo)
- Blocking Windows EDR agents by registering an own IPC-object in the Object Manager’s namespace (CVE-2023-3280, CVE-2024-5909, CVE-2024-20671) (github-poc-repo)
- Blocking Windows EDR agents by registering an own IPC-object in the Object Manager’s namespace (CVE-2023-3280, CVE-2024-5909, CVE-2024-20671) (github-poc)
- Blocking Windows EDR agents by registering an own IPC-object in the Object Manager’s namespace (CVE-2023-3280, CVE-2024-5909, CVE-2024-20671) (github-poc)
- Blocking Windows EDR agents by registering an own IPC-object in the Object Manager’s namespace (CVE-2023-3280, CVE-2024-5909, CVE-2024-20671) (github-poc)
…and 6 more exploits
Timeline
- Sep 13, 2023 CVE Published
- Sep 13, 2023 PoC Published
- Sep 14, 2023 EPSS Score
- Oct 16, 2023 EPSS Score
- Nov 18, 2023 EPSS Score
- Dec 20, 2023 EPSS Score
- Jan 22, 2024 EPSS Score
- Feb 23, 2024 EPSS Score
- Mar 26, 2024 EPSS Score
- Apr 28, 2024 EPSS Score
- May 30, 2024 EPSS Score
- Jul 1, 2024 EPSS Score