Vulnerability-Lookup

CVE-2025-0121 (GCVE-0-2025-0121)

Vulnerability from cvelistv5 – Published: 2025-04-11 01:45 – Updated: 2025-04-11 16:02

Title

Cortex XDR Agent: Local Windows User Can Crash the Agent

Summary

A null pointer dereference vulnerability in the Palo Alto Networks Cortex® XDR agent on Windows devices allows a low-privileged local Windows user to crash the agent. Additionally, malware can use this vulnerability to perform malicious activity without Cortex XDR being able to detect it.

Severity ?

6.8 (Medium)


                        
                          CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/AU:N/R:U/V:D/RE:M/U:Amber

CWE

CWE-476 - NULL Pointer Dereference

Assigner

palo_alto

References

URL

Tags

https://security.paloaltonetworks.com/CVE-2025-0121

vendor-advisory

Impacted products

	Vendor	Product	Version
	Palo Alto Networks	Cortex XDR Agent	Unaffected: 8.7.0 , < 6.3.3 (custom) Affected: 8.6.0 , < 8.6.1 (custom) Affected: 8.5.0 , < 8.5.2 (custom) Affected: 8.3-CE , < 8.3.101-CE HF (custom) Affected: 7.9-CE , < 7.9.103-CE HF (custom) cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:8.6.0:-:::::: cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:8.5.0:-:::::: cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:8.5.1:-:::::: cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:8.3-CE:-:::::: cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:7.9-CE:-:::::: cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:7.9.101-CE:-:::::: cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:7.9.102-CE:-::::::

Credits

adcisseckilled

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-0121",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-04-11T15:44:45.921667Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-04-11T16:02:36.119Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:8.6.0:-:*:*:*:*:*:*",
            "cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:8.5.0:-:*:*:*:*:*:*",
            "cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:8.5.1:-:*:*:*:*:*:*",
            "cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:8.3-CE:-:*:*:*:*:*:*",
            "cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:7.9-CE:-:*:*:*:*:*:*",
            "cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:7.9.101-CE:-:*:*:*:*:*:*",
            "cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:7.9.102-CE:-:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "platforms": [
            "Windows"
          ],
          "product": "Cortex XDR Agent",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "changes": [
                {
                  "at": "6.3.3",
                  "status": "unaffected"
                }
              ],
              "lessThan": "6.3.3",
              "status": "unaffected",
              "version": "8.7.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "8.6.1",
                  "status": "unaffected"
                }
              ],
              "lessThan": "8.6.1",
              "status": "affected",
              "version": "8.6.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "8.5.2",
                  "status": "unaffected"
                }
              ],
              "lessThan": "8.5.2",
              "status": "affected",
              "version": "8.5.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "8.3.101-CE HF",
                  "status": "unaffected"
                }
              ],
              "lessThan": "8.3.101-CE HF",
              "status": "affected",
              "version": "8.3-CE",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "7.9.103-CE HF",
                  "status": "unaffected"
                }
              ],
              "lessThan": "7.9.103-CE HF",
              "status": "affected",
              "version": "7.9-CE",
              "versionType": "custom"
            }
          ]
        }
      ],
      "configurations": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "No special configuration is needed to be affected by this issue."
            }
          ],
          "value": "No special configuration is needed to be affected by this issue."
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "adcisseckilled"
        }
      ],
      "datePublic": "2025-04-09T16:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "A null pointer dereference vulnerability in the Palo Alto Networks Cortex\u00ae XDR agent on Windows devices allows a low-privileged local Windows user to crash the agent. Additionally, malware can use this vulnerability to perform malicious activity without Cortex XDR being able to detect it."
            }
          ],
          "value": "A null pointer dereference vulnerability in the Palo Alto Networks Cortex\u00ae XDR agent on Windows devices allows a low-privileged local Windows user to crash the agent. Additionally, malware can use this vulnerability to perform malicious activity without Cortex XDR being able to detect it."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
            }
          ],
          "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-578",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-578 Disable Security Software"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NO",
            "Recovery": "USER",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "LOCAL",
            "baseScore": 6.8,
            "baseSeverity": "MEDIUM",
            "privilegesRequired": "LOW",
            "providerUrgency": "AMBER",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "DIFFUSE",
            "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/AU:N/R:U/V:D/RE:M/U:Amber",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "NONE",
            "vulnIntegrityImpact": "NONE",
            "vulnerabilityResponseEffort": "MODERATE"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-476",
              "description": "CWE-476 NULL Pointer Dereference",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-04-11T01:45:54.148Z",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://security.paloaltonetworks.com/CVE-2025-0121"
        }
      ],
      "solutions": [
        {
          "lang": "eng",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "This issue is fixed in Cortex XDR Agent 8.6.1, Cortex XDR Agent 8.5.2, Cortex XDR Agent 8.3.101-CE HF, Cortex XDR Agent 7.9.103-CE HF, and all later Cortex XDR Agent versions."
            }
          ],
          "value": "This issue is fixed in Cortex XDR Agent 8.6.1, Cortex XDR Agent 8.5.2, Cortex XDR Agent 8.3.101-CE HF, Cortex XDR Agent 7.9.103-CE HF, and all later Cortex XDR Agent versions."
        }
      ],
      "source": {
        "defect": [
          "CPATR-26258"
        ],
        "discovery": "EXTERNAL"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2025-04-09T16:00:00.000Z",
          "value": "Initial Publication"
        }
      ],
      "title": "Cortex XDR Agent: Local Windows User Can Crash the Agent",
      "workarounds": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "There are no known workarounds for this issue."
            }
          ],
          "value": "There are no known workarounds for this issue."
        }
      ],
      "x_affectedList": [
        "Cortex XDR Agent 8.6.0",
        "Cortex XDR Agent 8.5.0",
        "Cortex XDR Agent 8.5.1",
        "Cortex XDR Agent 8.3-CE",
        "Cortex XDR Agent 7.9-CE",
        "Cortex XDR Agent 7.9.101-CE",
        "Cortex XDR Agent 7.9.102-CE"
      ],
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2025-0121",
    "datePublished": "2025-04-11T01:45:54.148Z",
    "dateReserved": "2024-12-20T23:23:22.401Z",
    "dateUpdated": "2025-04-11T16:02:36.119Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-0121\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-04-11T15:44:45.921667Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-04-11T15:44:52.156Z\"}}], \"cna\": {\"title\": \"Cortex XDR Agent: Local Windows User Can Crash the Agent\", \"source\": {\"defect\": [\"CPATR-26258\"], \"discovery\": \"EXTERNAL\"}, \"credits\": [{\"lang\": \"en\", \"type\": \"finder\", \"value\": \"adcisseckilled\"}], \"impacts\": [{\"capecId\": \"CAPEC-578\", \"descriptions\": [{\"lang\": \"en\", \"value\": \"CAPEC-578 Disable Security Software\"}]}], \"metrics\": [{\"format\": \"CVSS\", \"cvssV4_0\": {\"Safety\": \"NOT_DEFINED\", \"version\": \"4.0\", \"Recovery\": \"USER\", \"baseScore\": 6.8, \"Automatable\": \"NO\", \"attackVector\": \"LOCAL\", \"baseSeverity\": \"MEDIUM\", \"valueDensity\": \"DIFFUSE\", \"vectorString\": \"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/AU:N/R:U/V:D/RE:M/U:Amber\", \"providerUrgency\": \"AMBER\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"attackRequirements\": \"NONE\", \"privilegesRequired\": \"LOW\", \"subIntegrityImpact\": \"NONE\", \"vulnIntegrityImpact\": \"NONE\", \"subAvailabilityImpact\": \"NONE\", \"vulnAvailabilityImpact\": \"HIGH\", \"subConfidentialityImpact\": \"NONE\", \"vulnConfidentialityImpact\": \"NONE\", \"vulnerabilityResponseEffort\": \"MODERATE\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"cpes\": [\"cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:8.6.0:-:*:*:*:*:*:*\", \"cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:8.5.0:-:*:*:*:*:*:*\", \"cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:8.5.1:-:*:*:*:*:*:*\", \"cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:8.3-CE:-:*:*:*:*:*:*\", \"cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:7.9-CE:-:*:*:*:*:*:*\", \"cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:7.9.101-CE:-:*:*:*:*:*:*\", \"cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:7.9.102-CE:-:*:*:*:*:*:*\"], \"vendor\": \"Palo Alto Networks\", \"product\": \"Cortex XDR Agent\", \"versions\": [{\"status\": \"unaffected\", \"changes\": [{\"at\": \"6.3.3\", \"status\": \"unaffected\"}], \"version\": \"8.7.0\", \"lessThan\": \"6.3.3\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"changes\": [{\"at\": \"8.6.1\", \"status\": \"unaffected\"}], \"version\": \"8.6.0\", \"lessThan\": \"8.6.1\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"changes\": [{\"at\": \"8.5.2\", \"status\": \"unaffected\"}], \"version\": \"8.5.0\", \"lessThan\": \"8.5.2\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"changes\": [{\"at\": \"8.3.101-CE HF\", \"status\": \"unaffected\"}], \"version\": \"8.3-CE\", \"lessThan\": \"8.3.101-CE HF\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"changes\": [{\"at\": \"7.9.103-CE HF\", \"status\": \"unaffected\"}], \"version\": \"7.9-CE\", \"lessThan\": \"7.9.103-CE HF\", \"versionType\": \"custom\"}], \"platforms\": [\"Windows\"], \"defaultStatus\": \"unaffected\"}], \"exploits\": [{\"lang\": \"en\", \"value\": \"Palo Alto Networks is not aware of any malicious exploitation of this issue.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"Palo Alto Networks is not aware of any malicious exploitation of this issue.\", \"base64\": false}]}], \"timeline\": [{\"lang\": \"en\", \"time\": \"2025-04-09T16:00:00.000Z\", \"value\": \"Initial Publication\"}], \"solutions\": [{\"lang\": \"eng\", \"value\": \"This issue is fixed in Cortex XDR Agent 8.6.1, Cortex XDR Agent 8.5.2, Cortex XDR Agent 8.3.101-CE HF, Cortex XDR Agent 7.9.103-CE HF, and all later Cortex XDR Agent versions.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"This issue is fixed in Cortex XDR Agent 8.6.1, Cortex XDR Agent 8.5.2, Cortex XDR Agent 8.3.101-CE HF, Cortex XDR Agent 7.9.103-CE HF, and all later Cortex XDR Agent versions.\", \"base64\": false}]}], \"datePublic\": \"2025-04-09T16:00:00.000Z\", \"references\": [{\"url\": \"https://security.paloaltonetworks.com/CVE-2025-0121\", \"tags\": [\"vendor-advisory\"]}], \"workarounds\": [{\"lang\": \"en\", \"value\": \"There are no known workarounds for this issue.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"There are no known workarounds for this issue.\", \"base64\": false}]}], \"x_generator\": {\"engine\": \"Vulnogram 0.1.0-dev\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"A null pointer dereference vulnerability in the Palo Alto Networks Cortex\\u00ae XDR agent on Windows devices allows a low-privileged local Windows user to crash the agent. Additionally, malware can use this vulnerability to perform malicious activity without Cortex XDR being able to detect it.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"A null pointer dereference vulnerability in the Palo Alto Networks Cortex\\u00ae XDR agent on Windows devices allows a low-privileged local Windows user to crash the agent. Additionally, malware can use this vulnerability to perform malicious activity without Cortex XDR being able to detect it.\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-476\", \"description\": \"CWE-476 NULL Pointer Dereference\"}]}], \"configurations\": [{\"lang\": \"en\", \"value\": \"No special configuration is needed to be affected by this issue.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"No special configuration is needed to be affected by this issue.\", \"base64\": false}]}], \"x_affectedList\": [\"Cortex XDR Agent 8.6.0\", \"Cortex XDR Agent 8.5.0\", \"Cortex XDR Agent 8.5.1\", \"Cortex XDR Agent 8.3-CE\", \"Cortex XDR Agent 7.9-CE\", \"Cortex XDR Agent 7.9.101-CE\", \"Cortex XDR Agent 7.9.102-CE\"], \"providerMetadata\": {\"orgId\": \"d6c1279f-00f6-4ef7-9217-f89ffe703ec0\", \"shortName\": \"palo_alto\", \"dateUpdated\": \"2025-04-11T01:45:54.148Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2025-0121\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-04-11T16:02:36.119Z\", \"dateReserved\": \"2024-12-20T23:23:22.401Z\", \"assignerOrgId\": \"d6c1279f-00f6-4ef7-9217-f89ffe703ec0\", \"datePublished\": \"2025-04-11T01:45:54.148Z\", \"assignerShortName\": \"palo_alto\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

CVE-2025-0121

Vulnerability from fstec - Published: 10.04.2025

Title

Уязвимость средства анализа сетевого трафика, сетевого обнаружения и реагирования Palo Alto Networks Cortex XDR Agent, связанная с разыменованием нулевого указателя, позволяющая нарушителю вызвать отказ в обслуживании

Description

Уязвимость средства анализа сетевого трафика, сетевого обнаружения и реагирования Palo Alto Networks Cortex XDR Agent связана с разыменованием нулевого указателя. Эксплуатация уязвимости может позволить нарушителю вызвать отказ в обслуживании

Severity ?


                    
                      AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H


                    
                      AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Vendor

Palo Alto Networks Inc.

Software Name

Cortex XDR Agent

Software Version

от 8.6 до 8.6.1 (Cortex XDR Agent), от 8.5 до 8.5.2 (Cortex XDR Agent), от 7.9-CE до 7.9.103-CE HF (Cortex XDR Agent), от 8.3-CE до 8.3.101-CE HF (Cortex XDR Agent)

Possible Mitigations

Использоание рекомендаций: https://security.paloaltonetworks.com/CVE-2025-0121

Reference

https://security.paloaltonetworks.com/CVE-2025-0121

CWE

CWE-476

JSON

To clipboard

{
  "CVSS 2.0": "AV:L/AC:L/Au:S/C:N/I:N/A:C",
  "CVSS 3.0": "AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
  "CVSS 4.0": "AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
  "remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
  "remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
  "\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "Palo Alto Networks Inc.",
  "\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "\u043e\u0442 8.6 \u0434\u043e 8.6.1 (Cortex XDR Agent), \u043e\u0442 8.5 \u0434\u043e 8.5.2 (Cortex XDR Agent), \u043e\u0442 7.9-CE \u0434\u043e 7.9.103-CE HF (Cortex XDR Agent), \u043e\u0442 8.3-CE \u0434\u043e 8.3.101-CE HF (Cortex XDR Agent)",
  "\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\nhttps://security.paloaltonetworks.com/CVE-2025-0121",
  "\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "10.04.2025",
  "\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "30.07.2025",
  "\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "30.07.2025",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2025-09213",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2025-0121",
  "\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
  "\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
  "\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "Cortex XDR Agent",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": null,
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0430 \u0430\u043d\u0430\u043b\u0438\u0437\u0430 \u0441\u0435\u0442\u0435\u0432\u043e\u0433\u043e \u0442\u0440\u0430\u0444\u0438\u043a\u0430, \u0441\u0435\u0442\u0435\u0432\u043e\u0433\u043e \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u044f \u0438 \u0440\u0435\u0430\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f Palo Alto Networks Cortex XDR Agent, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u0440\u0430\u0437\u044b\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u043d\u0443\u043b\u0435\u0432\u043e\u0433\u043e \u0443\u043a\u0430\u0437\u0430\u0442\u0435\u043b\u044f, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
  "\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u0420\u0430\u0437\u044b\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u043a\u0430\u0437\u0430\u0442\u0435\u043b\u044f NULL (CWE-476)",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0430 \u0430\u043d\u0430\u043b\u0438\u0437\u0430 \u0441\u0435\u0442\u0435\u0432\u043e\u0433\u043e \u0442\u0440\u0430\u0444\u0438\u043a\u0430, \u0441\u0435\u0442\u0435\u0432\u043e\u0433\u043e \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u044f \u0438 \u0440\u0435\u0430\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f Palo Alto Networks Cortex XDR Agent \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u0440\u0430\u0437\u044b\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u043d\u0443\u043b\u0435\u0432\u043e\u0433\u043e \u0443\u043a\u0430\u0437\u0430\u0442\u0435\u043b\u044f. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
  "\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
  "\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
  "\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041c\u0430\u043d\u0438\u043f\u0443\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0430\u043c\u0438 \u0434\u0430\u043d\u043d\u044b\u0445",
  "\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://security.paloaltonetworks.com/CVE-2025-0121",
  "\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
  "\u0422\u0438\u043f \u041f\u041e": "\u0421\u0440\u0435\u0434\u0441\u0442\u0432\u043e \u0437\u0430\u0449\u0438\u0442\u044b, \u041f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0435 \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u043e \u0437\u0430\u0449\u0438\u0442\u044b",
  "\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-476",
  "\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 4,6)\n\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.1 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 5,5)\n\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u043e\u0446\u0435\u043d\u043a\u0430 CVSS 4.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 6,8)"
}

FKIE_CVE-2025-0121

Vulnerability from fkie_nvd - Published: 2025-04-11 02:15 - Updated: 2025-04-11 15:39

Severity ?

6.8 (Medium) - CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/AU:N/R:U/V:D/RE:M/U:Amber

Summary

References

	URL	Tags
	psirt@paloaltonetworks.com	https://security.paloaltonetworks.com/CVE-2025-0121

Impacted products

	Vendor	Product	Version

JSON

To clipboard

{
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A null pointer dereference vulnerability in the Palo Alto Networks Cortex\u00ae XDR agent on Windows devices allows a low-privileged local Windows user to crash the agent. Additionally, malware can use this vulnerability to perform malicious activity without Cortex XDR being able to detect it."
    },
    {
      "lang": "es",
      "value": " Una vulnerabilidad de desreferencia de puntero nulo en el agente Cortex\u00ae XDR de Palo Alto Networks en dispositivos Windows permite que un usuario local de Windows con bajos privilegios bloquee el agente. Adem\u00e1s, el malware puede utilizar esta vulnerabilidad para realizar actividades maliciosas sin que Cortex XDR pueda detectarlas."
    }
  ],
  "id": "CVE-2025-0121",
  "lastModified": "2025-04-11T15:39:52.920",
  "metrics": {
    "cvssMetricV40": [
      {
        "cvssData": {
          "Automatable": "NO",
          "Recovery": "USER",
          "Safety": "NOT_DEFINED",
          "attackComplexity": "LOW",
          "attackRequirements": "NONE",
          "attackVector": "LOCAL",
          "availabilityRequirement": "NOT_DEFINED",
          "baseScore": 6.8,
          "baseSeverity": "MEDIUM",
          "confidentialityRequirement": "NOT_DEFINED",
          "exploitMaturity": "NOT_DEFINED",
          "integrityRequirement": "NOT_DEFINED",
          "modifiedAttackComplexity": "NOT_DEFINED",
          "modifiedAttackRequirements": "NOT_DEFINED",
          "modifiedAttackVector": "NOT_DEFINED",
          "modifiedPrivilegesRequired": "NOT_DEFINED",
          "modifiedSubAvailabilityImpact": "NOT_DEFINED",
          "modifiedSubConfidentialityImpact": "NOT_DEFINED",
          "modifiedSubIntegrityImpact": "NOT_DEFINED",
          "modifiedUserInteraction": "NOT_DEFINED",
          "modifiedVulnAvailabilityImpact": "NOT_DEFINED",
          "modifiedVulnConfidentialityImpact": "NOT_DEFINED",
          "modifiedVulnIntegrityImpact": "NOT_DEFINED",
          "privilegesRequired": "LOW",
          "providerUrgency": "AMBER",
          "subAvailabilityImpact": "NONE",
          "subConfidentialityImpact": "NONE",
          "subIntegrityImpact": "NONE",
          "userInteraction": "NONE",
          "valueDensity": "DIFFUSE",
          "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:U/V:D/RE:M/U:Amber",
          "version": "4.0",
          "vulnAvailabilityImpact": "HIGH",
          "vulnConfidentialityImpact": "NONE",
          "vulnIntegrityImpact": "NONE",
          "vulnerabilityResponseEffort": "MODERATE"
        },
        "source": "psirt@paloaltonetworks.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2025-04-11T02:15:18.403",
  "references": [
    {
      "source": "psirt@paloaltonetworks.com",
      "url": "https://security.paloaltonetworks.com/CVE-2025-0121"
    }
  ],
  "sourceIdentifier": "psirt@paloaltonetworks.com",
  "vulnStatus": "Awaiting Analysis",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-476"
        }
      ],
      "source": "psirt@paloaltonetworks.com",
      "type": "Secondary"
    }
  ]
}

CERTFR-2025-AVI-0301

Vulnerability from certfr_avis - Published: 2025-04-10 - Updated: 2025-04-10

De multiples vulnérabilités ont été découvertes dans les produits Palo Alto Networks. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire, une élévation de privilèges et un déni de service à distance.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

Vendor	Product	Description
Palo Alto Networks	Prisma SD-WAN	Prisma SD-WAN versions 6.2.x et 6.3.x antérieures à 6.3.4
Palo Alto Networks	Prisma SD-WAN	Prisma SD-WAN versions 6.5.x antérieures à 6.5.1
Palo Alto Networks	Cortex XDR Agent	Cortex XDR Agent versions 8.3-CE.x antérieures à 8.3.101-CE HF pour Windows
Palo Alto Networks	PAN-OS	PAN-OS versions 11.2.x antérieures à 11.2.6
Palo Alto Networks	Prisma Access	Prisma Access versions 10.2.4.x antérieures à 10.2.4-h36
Palo Alto Networks	Cloud NGFW	Cloud NGFW sans les derniers correctifs de sécurité
Palo Alto Networks	Prisma Access	Prisma Access versions 11.2.x antérieures à 11.2.4-h5
Palo Alto Networks	GlobalProtect App	GlobalProtect App versions 6.x antérieures à 6.2.8 pour Windows
Palo Alto Networks	Cortex XDR Broker	Cortex XDR Broker VM versions antérieures à 26.100.3
Palo Alto Networks	GlobalProtect App	GlobalProtect App versions 6.3.x antérieures à 6.3.3 pour Windows
Palo Alto Networks	Prisma SD-WAN	Prisma SD-WAN versions 6.4.x antérieures à 6.4.2
Palo Alto Networks	Cortex XDR Agent	Cortex XDR Agent versions 8.6.x antérieures à 8.6.1 pour Windows
Palo Alto Networks	Prisma Access Browser	Prisma Access Browser versions antérieures à 132.83.3017.1
Palo Alto Networks	Prisma SD-WAN	Prisma SD-WAN versions 6.1.x antérieures à 6.1.10
Palo Alto Networks	Cortex XDR Agent	Cortex XDR Agent versions 8.5.x antérieures à 8.5.2 pour Windows
Palo Alto Networks	Prisma Access	Prisma Access versions 10.2.10.x antérieures à 10.2.10-h16
Palo Alto Networks	Cortex XDR Agent	Cortex XDR Agent versions 7.9-CE.x antérieures à 7.9.103-CE HF pour Windows
Palo Alto Networks	PAN-OS	PAN-OS versions 10.1.x antérieures à 10.1.14-h13
Palo Alto Networks	PAN-OS	PAN-OS versions 11.1.x antérieures à 11.1.8
Palo Alto Networks	PAN-OS	PAN-OS versions 11.0.x antérieures à 11.0.6
Palo Alto Networks	PAN-OS	PAN-OS versions 10.2.x antérieures à 10.2.15

References

Title

Publication Time

Tags

Bulletin de sécurité Palo Alto Networks CVE-2025-0122	2025-04-09	vendor-advisory
Bulletin de sécurité Palo Alto Networks CVE-2025-0120	2025-04-09	vendor-advisory
Bulletin de sécurité Palo Alto Networks CVE-2025-0128	2025-04-09	vendor-advisory
Bulletin de sécurité Palo Alto Networks PAN-SA-2025-0008	2025-04-09	vendor-advisory
Bulletin de sécurité Palo Alto Networks CVE-2025-0125	2025-04-09	vendor-advisory
Bulletin de sécurité Palo Alto Networks CVE-2025-0127	2025-04-09	vendor-advisory
Bulletin de sécurité Palo Alto Networks CVE-2025-0123	2025-04-09	vendor-advisory
Bulletin de sécurité Palo Alto Networks CVE-2025-0119	2025-04-09	vendor-advisory
Bulletin de sécurité Palo Alto Networks CVE-2025-0124	2025-04-09	vendor-advisory
Bulletin de sécurité Palo Alto Networks CVE-2025-0126	2025-04-09	vendor-advisory
Bulletin de sécurité Palo Alto Networks CVE-2025-0121	2025-04-09	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Prisma SD-WAN versions 6.2.x et 6.3.x ant\u00e9rieures \u00e0 6.3.4",
      "product": {
        "name": "Prisma SD-WAN",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Prisma SD-WAN versions 6.5.x ant\u00e9rieures \u00e0 6.5.1",
      "product": {
        "name": "Prisma SD-WAN",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Cortex XDR Agent versions 8.3-CE.x ant\u00e9rieures \u00e0 8.3.101-CE HF pour Windows",
      "product": {
        "name": "Cortex XDR Agent",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "PAN-OS versions 11.2.x ant\u00e9rieures \u00e0 11.2.6",
      "product": {
        "name": "PAN-OS",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Prisma Access versions 10.2.4.x ant\u00e9rieures \u00e0 10.2.4-h36",
      "product": {
        "name": "Prisma Access",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Cloud NGFW sans les derniers correctifs de s\u00e9curit\u00e9",
      "product": {
        "name": "Cloud NGFW",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Prisma Access versions 11.2.x ant\u00e9rieures \u00e0 11.2.4-h5",
      "product": {
        "name": "Prisma Access",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "GlobalProtect App versions 6.x ant\u00e9rieures \u00e0 6.2.8 pour Windows",
      "product": {
        "name": "GlobalProtect App",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Cortex XDR Broker VM versions ant\u00e9rieures \u00e0 26.100.3",
      "product": {
        "name": "Cortex XDR Broker",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "GlobalProtect App versions 6.3.x ant\u00e9rieures \u00e0 6.3.3 pour Windows",
      "product": {
        "name": "GlobalProtect App",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Prisma SD-WAN versions 6.4.x ant\u00e9rieures \u00e0 6.4.2",
      "product": {
        "name": "Prisma SD-WAN",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Cortex XDR Agent versions 8.6.x ant\u00e9rieures \u00e0 8.6.1 pour Windows",
      "product": {
        "name": "Cortex XDR Agent",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Prisma Access Browser versions ant\u00e9rieures \u00e0 132.83.3017.1",
      "product": {
        "name": "Prisma Access Browser",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Prisma SD-WAN versions 6.1.x ant\u00e9rieures \u00e0 6.1.10",
      "product": {
        "name": "Prisma SD-WAN",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Cortex XDR Agent versions 8.5.x ant\u00e9rieures \u00e0 8.5.2 pour Windows",
      "product": {
        "name": "Cortex XDR Agent",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Prisma Access versions 10.2.10.x ant\u00e9rieures \u00e0 10.2.10-h16",
      "product": {
        "name": "Prisma Access",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Cortex XDR Agent versions 7.9-CE.x ant\u00e9rieures \u00e0 7.9.103-CE HF pour Windows",
      "product": {
        "name": "Cortex XDR Agent",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "PAN-OS versions 10.1.x ant\u00e9rieures \u00e0 10.1.14-h13",
      "product": {
        "name": "PAN-OS",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "PAN-OS versions 11.1.x ant\u00e9rieures \u00e0 11.1.8",
      "product": {
        "name": "PAN-OS",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "PAN-OS versions 11.0.x ant\u00e9rieures \u00e0 11.0.6",
      "product": {
        "name": "PAN-OS",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "PAN-OS versions 10.2.x ant\u00e9rieures \u00e0 10.2.15",
      "product": {
        "name": "PAN-OS",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2025-0124",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-0124"
    },
    {
      "name": "CVE-2025-2783",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-2783"
    },
    {
      "name": "CVE-2025-2136",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-2136"
    },
    {
      "name": "CVE-2025-0120",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-0120"
    },
    {
      "name": "CVE-2025-0128",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-0128"
    },
    {
      "name": "CVE-2025-1920",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-1920"
    },
    {
      "name": "CVE-2025-0126",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-0126"
    },
    {
      "name": "CVE-2025-0129",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-0129"
    },
    {
      "name": "CVE-2025-2135",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-2135"
    },
    {
      "name": "CVE-2025-2137",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-2137"
    },
    {
      "name": "CVE-2025-0121",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-0121"
    },
    {
      "name": "CVE-2025-0127",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-0127"
    },
    {
      "name": "CVE-2025-0123",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-0123"
    },
    {
      "name": "CVE-2025-0125",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-0125"
    },
    {
      "name": "CVE-2025-0122",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-0122"
    },
    {
      "name": "CVE-2025-0119",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-0119"
    },
    {
      "name": "CVE-2025-2476",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-2476"
    }
  ],
  "initial_release_date": "2025-04-10T00:00:00",
  "last_revision_date": "2025-04-10T00:00:00",
  "links": [],
  "reference": "CERTFR-2025-AVI-0301",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2025-04-10T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire"
    },
    {
      "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Palo Alto Networks. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire, une \u00e9l\u00e9vation de privil\u00e8ges et un d\u00e9ni de service \u00e0 distance.",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Palo Alto Networks",
  "vendor_advisories": [
    {
      "published_at": "2025-04-09",
      "title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks CVE-2025-0122",
      "url": "https://security.paloaltonetworks.com/CVE-2025-0122"
    },
    {
      "published_at": "2025-04-09",
      "title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks CVE-2025-0120",
      "url": "https://security.paloaltonetworks.com/CVE-2025-0120"
    },
    {
      "published_at": "2025-04-09",
      "title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks CVE-2025-0128",
      "url": "https://security.paloaltonetworks.com/CVE-2025-0128"
    },
    {
      "published_at": "2025-04-09",
      "title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks PAN-SA-2025-0008",
      "url": "https://security.paloaltonetworks.com/PAN-SA-2025-0008"
    },
    {
      "published_at": "2025-04-09",
      "title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks CVE-2025-0125",
      "url": "https://security.paloaltonetworks.com/CVE-2025-0125"
    },
    {
      "published_at": "2025-04-09",
      "title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks CVE-2025-0127",
      "url": "https://security.paloaltonetworks.com/CVE-2025-0127"
    },
    {
      "published_at": "2025-04-09",
      "title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks CVE-2025-0123",
      "url": "https://security.paloaltonetworks.com/CVE-2025-0123"
    },
    {
      "published_at": "2025-04-09",
      "title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks CVE-2025-0119",
      "url": "https://security.paloaltonetworks.com/CVE-2025-0119"
    },
    {
      "published_at": "2025-04-09",
      "title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks CVE-2025-0124",
      "url": "https://security.paloaltonetworks.com/CVE-2025-0124"
    },
    {
      "published_at": "2025-04-09",
      "title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks CVE-2025-0126",
      "url": "https://security.paloaltonetworks.com/CVE-2025-0126"
    },
    {
      "published_at": "2025-04-09",
      "title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks CVE-2025-0121",
      "url": "https://security.paloaltonetworks.com/CVE-2025-0121"
    }
  ]
}

GHSA-CRR6-98CQ-P482

Vulnerability from github – Published: 2025-04-11 04:19 – Updated: 2025-04-11 04:19

Details

Severity ?

6.8 (Medium)


                  
                    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/AU:N/R:U/V:D/RE:M/U:Amber

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2025-0121"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-04-11T02:15:18Z",
    "severity": "MODERATE"
  },
  "details": "A null pointer dereference vulnerability in the Palo Alto Networks Cortex\u00ae XDR agent on Windows devices allows a low-privileged local Windows user to crash the agent. Additionally, malware can use this vulnerability to perform malicious activity without Cortex XDR being able to detect it.",
  "id": "GHSA-crr6-98cq-p482",
  "modified": "2025-04-11T04:19:27Z",
  "published": "2025-04-11T04:19:26Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-0121"
    },
    {
      "type": "WEB",
      "url": "https://security.paloaltonetworks.com/CVE-2025-0121"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:U/V:D/RE:M/U:Amber",
      "type": "CVSS_V4"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2025-0121 (GCVE-0-2025-0121)

CVE-2025-0121

FKIE_CVE-2025-0121

CERTFR-2025-AVI-0301

Solutions

GHSA-CRR6-98CQ-P482

Tags

Sightings

Nomenclature