CVE-2026-0232
MediumCVSS 4.4Exploitation Probability (EPSS)
Low risk4th percentile - higher than 4% of all known CVEs
Summary
A vulnerability in the Palo Alto Networks Cortex XDR agent for Windows allows a local Windows administrator to disable the agent. The issue stems from a flaw in the protection mechanism.
Risk Assessment
The risk is that malware can exploit this vulnerability to disable the Cortex XDR agent and perform malicious activities undetected by the security system.
Recommendation
It is recommended to immediately apply patches provided by Palo Alto Networks and restrict local Windows administrator privileges to the minimum necessary for operations.
Original NVD description (English source)
A problem with a protection mechanism in the Palo Alto Networks Cortex XDR agent on Windows allows a local Windows administrator to disable the agent. This issue may be leveraged by malware to perform malicious activity without detection.

