PT-2026-40770 · Palo Alto Networks · Prisma Access Agent

Published

2026-05-13

·

Updated

2026-05-14

·

CVE-2026-0246

CVSS v3.1

7.8

High

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Palo Alto Networks Prisma Access Agent (affected versions not specified)
Description A flaw in the privilege management mechanism allows a locally authenticated non-administrative user to escalate privileges to root on macOS and Linux, or NT AUTHORITYSYSTEM on Windows. This enables the execution of arbitrary code and access to sensitive information restricted to privileged accounts.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

LPE

Missing Authorization

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

Related Identifiers

BDU:2026-07174
CVE-2026-0246

Affected Products

Prisma Access Agent