Palo Alto Networks announced the availability of patches to address security flaws in the Cortex XDR Agent, Cortex XSOAR and PAN-OS. Updates fix the following issues:

CVE-2022-0024 – security vulnerability in Palo Alto Networks PAN-OS software that allows to upload a specifically created configuration that disrupts system processes and potentially execute arbitrary code with root privileges;

CVE-2022-0025 - local privilege escalation (PE) vulnerability in Palo Alto Networks Cortex XDR Agent software on Windows;

CVE-2022-0026 - local privilege escalation (PE) vulnerability exists in Palo Alto Networks Cortex XDR Agent software on Windows;

CVE-2022-0027 - an improper authorization vulnerability in Palo Alto Network Cortex XSOAR software.

More information on vulnerabilities and updates is available in Palo Alto Networks security advisories – paloaltonetworks.com.