The security teams of the technology firm Palo Alto Networks announced the correction of a set of vulnerabilities in Prisma Cloud Compute, a solution for the protection of workloads in the cloud. The patches also address a flaw in the Windows agent for the Cortex XDR detection and response platform.
According to the report, the most severe flaw is a local privilege escalation error in Cortex XDR that received a score of 7.8/10 according to the Common Vulnerability Scoring System (CVSS). This flaw was tracked as CVE-2021-3042. Apparently, authenticated local threat actors could abuse this flaw to gain file creation privileges on the root directory.
This flaw resides in all versions of the Cortex XDR agent that did not receive content update 181 or later. To mitigate the risk of exploitation, Palo Alto recommends that you prevent users from creating files in the vulnerable directory.
This flaw resides in Prisma versions 20.12 and 21.04. Updates will be applied automatically along with the Prisma Cloud Compute SaaS installation.
The company concluded its security alert by mentioning that so far no attempts at active exploitation of these flaws have been detected.
To learn more about information security risks, malware variants, vulnerabilities and information technologies, feel free to access the International Institute of Cyber Security (IICS) websites.