Rewterz Threat Alert – Donot APT Group – Active IOCs
September 16, 2022Rewterz Threat Advisory – Multiple Cisco IOS XR Software Vulnerabilities
September 17, 2022Rewterz Threat Alert – Donot APT Group – Active IOCs
September 16, 2022Rewterz Threat Advisory – Multiple Cisco IOS XR Software Vulnerabilities
September 17, 2022Severity
Medium
Analysis Summary
CVE-2022-0029
Palo Alto Networks Cortex XDR Agent could allow a local authenticated attacker to obtain sensitive information, caused by an improper link resolution flaw. By sending a specially-crafted request, an attacker could exploit this vulnerability to read files on the system with elevated privileges, and use this information to launch further attacks against the affected system.
Impact
- Information Disclosure
Indicators Of Compromise
CVE
- CVE-2022-0029
Affected Vendors
- Palo Alto
Affected Products
- Palo Alto Networks Cortex XDR Agent 5.0
- Palo Alto Networks Cortex XDR Agent 7.7
- Palo Alto Networks Cortex XDR Agent 7.5 CE
Remediation
Refer to GitLab Web site for patch, upgrade or suggested workaround information.