
Description

A vulnerability with a privilege management mechanism in the Palo Alto Networks Prisma Access Agent® enables a locally authenticated non-administrative user to escalate their privileges to root on macOS and Linux or NT AUTHORITY\SYSTEM on Windows. This allows the user to execute arbitrary code and read sensitive information otherwise accessible only to privileged accounts. The Prisma Access Agent on iOS, Android and Chrome OS is not affected.

PUBLISHED Reserved 2025-11-03 | Published 2026-05-13 | Updated 2026-05-13 | Assigner palo_alto




MEDIUM: 5.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/AU:N/R:U/V:D/RE:M/U:Amber

Problem types

CWE-862 Missing Authorization

Product status

Default status
unaffected

Any version before 26.2.1
affected

Default status
unaffected

Any version before 26.2.1
affected

Default status
unaffected

Any version before 26.2.1
affected

Default status
unaffected

All (custom)
unaffected

Timeline

2026-05-13: Initial publication.

Credits

Palo Alto Networks thanks our internal security research teams for discovering and reporting this issue. (other)

References

security.paloaltonetworks.com/CVE-2026-0246 (vendor-advisory)

cve.org (CVE-2026-0246)

nvd.nist.gov (CVE-2026-0246)
