Cisors

**Name of the Vulnerable Software and Affected Versions** Prisma Browser on macOS (affected versions not specified) **Description** An improper protection of alternate path issue exists where access to an internal automation bridge is not properly restricted. This allows a locally authenticated non-admin user to use an exposed communication channel to send unauthorized commands to the browser, bypassing security controls. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Prisma Browser on macOS (affected versions not specified) **Description** A code injection issue exists where the software fails to properly restrict access to its AppleScript interface. This allows a locally authenticated non-admin user to use an exposed Apple Event handler to send unauthorized commands to the browser. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.