Rewterz Threat Alert – Gamaredon APT Using Template Injection
June 10, 2021Rewterz Threat Alert – Active Phishing Campaign Targeting Google
June 10, 2021Rewterz Threat Alert – Gamaredon APT Using Template Injection
June 10, 2021Rewterz Threat Alert – Active Phishing Campaign Targeting Google
June 10, 2021Severity
High
Analysis Summary
CVE-2021-3041
A local privilege escalation vulnerability exists in the Palo Alto Networks Cortex XDR agent on Windows platforms that enables an authenticated local Windows user to execute programs with SYSTEM privileges. This requires the user to have the privilege to create files in the Windows root directory or to manipulate key registry values.
Impact
- Privilege escalation
- Code Execution
Affected Vendors
Palo Alto
Affected Products
- Cortex XDR Agent 5.0.11
- Cortex XDR Agent 6.1.8
- Cortex XDR Agent 7.2.3 or without content update 171 or later
Remediation
- For Cortex XDR agent 5.0.11 please update to 5.0.12 or later
- For Cortex XDR agent 6.1.8 please update to 6.1.9 or later
- For Cortex XDR agent 7.2.3 and all later Cortex XDR agent versions