Several Vulnerabilities Allow Disabling of Palo Alto Networks Products

14-Apr-22

(1)An attacker with elevated rights can defeat the company’s Cortex XDR Agent, according to a security researcher who goes by the online alias “mr.d0x.” (2)The researcher revealed that a local attacker with administrator rights can disable the agent by changing a registry key, leaving the endpoint vulnerable to attacks. The anti-tampering function of the product is unable to prevent this method from being used. Read More…