CVE-2025-0121
Published: 11 April 2025
Summary
CVE-2025-0121 is a medium-severity NULL Pointer Dereference (CWE-476) vulnerability in Paloaltonetworks (inferred from references). Its CVSS base score is 6.8 (Medium).
Operationally, ranked at the 37.0th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2025-15139
Vulnerability details
A null pointer dereference vulnerability in the Palo Alto Networks Cortex® XDR agent on Windows devices allows a low-privileged local Windows user to crash the agent. Additionally, malware can use this vulnerability to perform malicious activity without Cortex XDR being…
more
able to detect it.
- CWE(s)
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.