Palo Alto Networks Cortex XDR Agent Local Privilege Escalation Vulnerability (CVE-2021-3041)

Published: 2021-06-10

0x00 Vulnerability Overview

CVE ID: CVE-2021-3041

Date: 2021-06-10

Type: LPE

Severity: High

Remotely exploitable: No

Affected scope:

Attack complexity: Low

Availability: High

User interaction: None

Privileges required: Low

PoC/EXP: Not public

Exploited in the wild: No

0x01 Vulnerability Details


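Palo Alto Networks Cortex XDR Agent is client software from Palo Alto Networks used to monitor the security of endpoint devices.

On June 9, 2021, Palo Alto Networks published a security advisory disclosing a local privilege escalation vulnerability (CVE-2021-3041) in Cortex XDR Agent on the Windows platform. An authenticated local attacker can exploit this vulnerability to execute programs with SYSTEM privileges, but exploitation requires permission to create files in the Windows root directory or to manipulate the registry.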

Affected versions

Cortex XDR Agent < 5.0.11

Cortex XDR Agent < 6.1.8

Cortex XDR Agent < 7.2.3, or without content update 171 or later

0x02 Remediation

This vulnerability has been fixed. Upgrade promptly to one of the following versions:

Cortex XDR Agent >= 7.2.3, or content update 171 or later

Cortex XDR Agent >= 6.1.8

Cortex XDR Agent >= 5.0.11
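
Added example (not part of the original advisory and not vendor code): a small triage routine that classifies an agent inventory against the fixed versions listed above. The per-release-line reading of the thresholds, the treatment of content update 171 as sufficient on the 7.2 line, the status names and the sample inventory are assumptions made for illustration.

```python
# Added example (not vendor code): triage agent inventory against the fixed versions above.
# Assumptions: thresholds apply per release line (5.0.x, 6.1.x, 7.2.x); on 7.2.x either
# agent >= 7.2.3 or content update >= 171 counts as remediated (per the remediation list);
# any other release line is reported as "unlisted" for manual review.
FIXED = {(5, 0): (5, 0, 11), (6, 1): (6, 1, 8), (7, 2): (7, 2, 3)}
CONTENT_LINE, CONTENT_MIN = (7, 2), 171  # line and minimum tied to the content-update clause


def parse_version(text):
    """Return the first three numeric components: '7.2.1.2718' -> (7, 2, 1)."""
    parts = text.strip().split(".")
    if len(parts) < 3 or not all(p.isdigit() for p in parts[:3]):
        raise ValueError(f"unrecognised agent version: {text!r}")
    return tuple(int(p) for p in parts[:3])


def triage(agent_version, content_update=None):
    """Classify one host as 'vulnerable', 'remediated' or 'unlisted'."""
    version = parse_version(agent_version)
    line = version[:2]
    if line not in FIXED:
        return "unlisted"
    content_ok = line == CONTENT_LINE and (content_update or 0) >= CONTENT_MIN
    return "remediated" if version >= FIXED[line] or content_ok else "vulnerable"


def triage_inventory(rows):
    """rows: iterable of (hostname, agent_version, content_update or None)."""
    report = {}
    for host, agent, content in rows:
        try:
            report[host] = triage(agent, content)
        except ValueError:
            report[host] = "unparsed"  # surface bad records instead of dropping them
    return report


# Constructed sample inventory: hostnames, builds and content numbers are made up.
SAMPLE = [
    ("ws-001", "5.0.10.1234", None), ("ws-002", "6.1.8.2000", None),
    ("ws-003", "7.2.1.2718", 160), ("ws-004", "7.2.1.2718", 171),
    ("ws-005", "7.3.0.100", 171), ("ws-006", "unknown", None),
]

if __name__ == "__main__":
    for host, status in triage_inventory(SAMPLE).items():
        print(f"{host}: {status}")
```

Hosts reported as "unlisted" or "unparsed" should be checked by hand against the vendor advisory in the references.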

 

Download link:

https://support.paloaltonetworks.com/support

Mitigation:

Prevent locally authenticated Windows users from creating files in the Windows root directory (such as C:\) and from manipulating the Windows registry.

0x03 References

https://security.paloaltonetworks.com/CVE-2021-3041

https://nvd.nist.gov/vuln/detail/CVE-2021-3041

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3041

 

0x04 Timeline

2021-06-09  Palo Alto Networks published its security advisory

2021-06-10  VSRC published its security advisory

0x05 Appendix

Official site of the CVSS scoring standard: http://www.first.org/cvss/
