Palo Alto Networks Cortex XDR Agent±¾µØÌáȨ·ì϶£¨CVE-2021-3041£©

°ä²¼¹¦·ò 2021-06-10

0x00 ·ì϶¸ÅÊö

CVE   ID

CVE-2021-3041

ʱ    ¼ä

2021-06-10

Àà    ÐÍ

LPE

µÈ    ¼¶

¸ßΣ

Ô¶³ÌÀûÓÃ

·ñ

Ó°ÏìÁìÓò


¹¥»÷¸´ÔÓ¶È

µÍ

¿ÉÓÃÐÔ

¸ß

Óû§½»»¥

ÎÞ

ËùÐèȨÏÞ

µÍ

PoC/EXP

δ¹«¿ª

ÔÚÒ°ÀûÓÃ

·ñ

 

0x01 ·ì϶ÏêÇé

image.png

Palo Alto Networks Cortex XDR AgentÊÇPalo Alto Networks¹«Ë¾µÄÒ»¸öÓÃÓÚ¼ì²â¿Í»§¶ËÉ豸°²È«ÐԵĿͻ§¶ËÈí¼þ¡£

2021Äê06ÔÂ09ÈÕ£¬Palo Alto Networks°ä²¼°²È«²¼¸æ£¬¹«¿ªÁËWindows ƽ̨ÉÏCortex XDR AgentÖеÄÒ»¸ö±¾µØȨÏÞÌáÉý·ì϶£¨CVE-2021-3041£©£¬¾­¹ýÈÏÖ¤µÄ±¾µØ¹¥»÷Õß¿ÉÄÜÀûÓô˷ì϶ÒÔSYSTEMȨÏÞÖ´Ðз¨Ê½£¬µ«ÀûÓô˷ì϶±ØÒªÕ¼ÓÐÔÚWindows¸ùĿ¼Ï´´½¨Îļþ»ò²Ù×÷×¢²á±íµÄȨÏÞ¡£

 

Ó°ÏìÁìÓò

Cortex XDR Agent < 5.0.11

Cortex XDR Agent < 6.1.8

Cortex XDR Agent < 7.2.3 »ò ûÓÐÄÚÈݸüе½171»ò¸ü¸ß°æ±¾µÄ

 

 

0x02 ´ëÖý¨Òé

Ä¿Ç°´Ë·ì϶ÒѾ­½¨¸´£¬½¨ÒéʵʱÉý¼¶¸üÐÂÖ®ÒÔÏ°汾:

Cortex XDR Agent >= 7.2.3 »ò ÄÚÈݸüе½171 »ò¸ü¸ß°æ±¾

Cortex XDR Agent >= 6.1.8

Cortex XDR Agent >= 5.0.11

 

ÏÂÔØÁ´½Ó£º

https://support.paloaltonetworks.com/support

»º½â´ëÊ©£º

×èÖ¹±¾µØ¾­¹ýÉí·ÝÑéÖ¤µÄ Windows Óû§ÔÚ Windows ¸ùĿ¼£¨Èç C:\£©Öд´½¨Îļþ²¢²»ÈÝÆä²Ù×÷ Windows ×¢²á±í¡£

 

 

0x03 ²Î¿¼Á´½Ó

https://security.paloaltonetworks.com/CVE-2021-3041

https://nvd.nist.gov/vuln/detail/CVE-2021-3041

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3041

 

0x04 ¹¦·òÏß

2021-06-09  Palo Alto Networks°ä²¼°²È«²¼¸æ

2021-06-10  VSRC°ä²¼°²È«¹«¸æ

 

0x05 ¸½Â¼

 

CVSSÆÀ·Ö³ß¶È¹ÙÍø£ºhttp://www.first.org/cvss/

image.png