InfoSecBulletin Cybersecurity for mankind
Palo Alto Networks has issued important updates to fix 3 different flaws in its security products. These issues affect the Cortex XDR Agent, the Autonomous Digital Experience Manager (ADEM), and Cortex XSOAR/XSIAM platforms. The flaws include ways to skip local protection and access resources without permission.
The first flaw, known as CVE-2026-0232, impacts the Cortex XDR Agent on Windows computers. There is an issue with a safety feature that lets a local Windows admin turn off the agent completely.
OpenAI unveils its first custom chip, Named Jalapeño
Bajaj Auto System Hit by a Ransomware Attack
Cisco Unified CM flaw CVE-2026-20230 exploited in attacks
LastPass says hackers stole customer data via Klue, supply chain breach
New Apple Exploit Bypasses Boot Defenses, Possibly Affects Millions of iPhones Worldwide
India’s Tata Electronics hit by cyber breach: Hacker target 630 GB record
Anthropic’s Mythos reportedly broke NSA classified systems in hours
OpenAI New Method “Deployment Simulation” Predicts AI Risks Before Deployment
AryStinger botnet infected thousands of D-Link routers globally
Hacker suspected of sending alerts across Brazil
Affected Versions: Cortex XDR Agent versions 9.0 (prior to 9.0.1 without CU-2120), 8.9 (prior to 8.9.1 without CU-2120), and several CE versions.
The Fix: Users should upgrade to 9.1 or apply CU-2120.
Another flaw is in a local privilege escalation vulnerability in the Autonomous Digital Experience Manager (ADEM) for Windows. This vulnerability, tracked as CVE-2026-0233, allows a local Windows user to “execute arbitrary code with NT AUTHORITY\SYSTEM privileges”.
An attacker could take full control of the machine by getting the highest system access. They could also install backdoors or steal sensitive data.
Affected Versions: ADEM on Windows versions prior to 5.10.14.
The Fix: Palo Alto Networks urges upgrading to version 5.10.14 or newer.
The final advisory highlights an “improper verification of cryptographic signature” within the Microsoft Teams integration for the Cortex XSOAR and XSIAM platforms.
This serious problem, known as CVE-2026-0234 (CVSS 7.2), is worrying because it lets anyone without a login get into and change protected information. By avoiding signature checks, a hacker could insert themselves into secure chats or alter platform data.
Affected Versions: Cortex XSIAM and XSOAR Microsoft Teams Marketplace versions prior to 1.5.52.
The Fix: Administrators should update to Marketplace integration version 1.5.52 or higher.
Palo Alto Networks says it does not know of any bad uses of these flaws right now. Still, companies are encouraged to quickly install these updates to keep their defenses strong.
