Palo Alto Networks Cortex XDR Agent on macOS Can Be Disabled by Local Admin

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

4.0

Palo Alto Networks Cortex XDR Agent on macOS Can Be Disabled by Local Admin

CVE-2026-0230

Summary

A flaw in the Cortex XDR agent on macOS allows an attacker with local administrator privileges to turn off the protection mechanism. This could allow malware to run undetected on the system. To protect against this, update the Cortex XDR agent to the latest version.

Original title

A problem with a protection mechanism in the Palo Alto Networks Cortex XDR agent on macOS allows a local administrator to disable the agent. This issue could be leveraged by malware to perform mali...

Original description

nvd CVSS4.0 4.0

Vulnerability type

CWE-754

https://security.paloaltonetworks.com/CVE-2026-0230

Published: 11 Mar 2026 · Updated: 13 Mar 2026 · First seen: 11 Mar 2026