Home
MEDIUM: 5.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/AU:N/R:A/V:C/RE:H/U:AmberDefault status
unaffected
24.0 (custom) before 26.2.1
affected
Default status
unaffected
All (custom)
unaffected
Description
Multiple protection mechanism failures in the Prisma Access Agent Data Loss Prevention (DLP) component for Windows allow a local user to bypass DLP policy enforcement controls. The Prisma Access Agent on macOS is not affected.
Problem types
CWE-693 Protection Mechanism Failure
Product status
24.0 (custom) before 26.2.1
All (custom)
Timeline
| 2026-07-08: | Initial Publication |
Credits
Daniel Cuthbert and Vladislav Ovitchinikov from Banco Santander
References
security.paloaltonetworks.com/CVE-2026-0278