CVE-2026-0270

Vulnerability

A path traversal vulnerability exists in Palo Alto Networks Cortex XSOAR engine software running on Linux. This issue affects versions prior to 8.13.0.11 for Cortex XSOAR 8.13, and all versions of Cortex XSOAR 8.12, 8.11, 8.10, 6.14, 6.13, and 6.12. No special configuration is required for exposure [2].

Exploitation

An unauthenticated attacker on an adjacent network can exploit this vulnerability by intercepting and manipulating network response traffic via a man-in-the-middle (MITM) attack. This requires a high attack complexity and the presence of attack requirements, with user interaction being passive [2].

Impact

Successful exploitation allows an attacker to write arbitrary files to the host system. This results in a high impact on product confidentiality, integrity, and availability [2].

Mitigation

Palo Alto Networks has released version 8.13.0.11 for Cortex XSOAR 8.13 on Linux, which addresses this vulnerability. Users are advised to upgrade to this version or later. For other affected versions, no specific workarounds or mitigations are provided beyond upgrading to a fixed version, and Palo Alto Networks is not aware of any malicious exploitation of this issue [2].