Medium6.7Palo Alto Networks
Cortex XDR: problem with a protection mechanism in the Palo Alto Networks Cortex XDR agent on Windows allows a local Windows ad…
CVE-2026-0232 Published Apr 13, 2026Updated by vendor Jun 17, 2026
CVE-2026-0232
Affected products & platforms
Palo Alto NetworksCortex
Summary
A problem with a protection mechanism in the Palo Alto Networks Cortex XDR agent on Windows allows a local Windows administrator to disable the agent. This issue may be leveraged by malware to perform malicious activity without detection.
Affected versions
- Cortex XDR Agent < 9.0.1
- Cortex XDR Agent < 8.9.1
- Cortex XDR Agent < 8.7.101-CE
- Cortex XDR Agent 8.3-CE
- Cortex XDR Agent 7.9-CE
Official advisory · high-confidence parse· fetched 7 hours ago·verify at source
Fixed versions
- Cortex XDR Agent >= 9.0.1
- Cortex XDR Agent >= 8.9.1
- Cortex XDR Agent >= 8.7.101-CE
- Cortex XDR Agent >= 8.3-CE
- Cortex XDR Agent >= 7.9-CE
Official advisory · high-confidence parse· fetched 7 hours ago·verify at source
Mitigation checklist
Recommended fix / mitigation
- To fully remediate this vulnerability, customers must ensure their Content Update is at version 2120 or higher.
- This update provides the necessary protection across all supported versions of Cortex XDR.
- While the Content Update provides the primary fix, the following software releases include complementary architectural enhancements to further harden the environment:
Temporary workarounds
- No known workarounds exist for this issue.
Official advisory · high-confidence parse· fetched 7 hours ago·verify at source
Discussion(0)
No comments yet. Share field notes, upgrade gotchas, or questions — verify against the vendor advisory before acting on community advice.
Sign in to join the discussion.