Autonomous Digital Experience Manager: Improper validation of ADEM certificate

2 / 10

LOW

CVSS:4.0/AV:P/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/AU:N/R:U/V:D/RE:M/U:Green

Description

A certificate validation vulnerability in Palo Alto Networks Autonomous Digital Experience Manager on Windows allows an unauthenticated attacker with adjacent network access to execute arbitrary code with NT AUTHORITY\SYSTEM privileges.

Basic Information

ID CVE-2026-0233

Source palo_alto

Published Apr 13, 2026 at 07:17

Affected Product

Vendor Palo Alto Networks

Product Autonomous Digital Experience Manager

Version 5.10.0

Affected Versions Palo Alto Networks Autonomous Digital Experience Manager 5.10.0

CWE Classification

CWE-295

References

security.paloaltonetworks.com /CVE-2026-0233

{
    "lastseen": "",
    "description": "A certificate validation vulnerability in Palo Alto Networks Autonomous Digital Experience Manager on Windows allows an unauthenticated attacker with adjacent network access to execute arbitrary code with NT AUTHORITY\\SYSTEM  privileges.",
    "published": "2026-04-13T07:17:34.585Z",
    "modified": "2026-04-13T07:17:34.585Z",
    "type": "cve",
    "title": "Autonomous Digital Experience Manager: Improper validation of ADEM certificate",
    "source": "palo_alto",
    "references": "https://security.paloaltonetworks.com/CVE-2026-0233",
    "id": "CVE-2026-0233",
    "bulletinFamily": "",
    "cwe": [
        "CWE-295"
    ],
    "cvelist": null,
    "sourceData": "Palo Alto Networks Autonomous Digital Experience Manager 5.10.0",
    "sourceHref": "",
    "cvss": {
        "score": 2,
        "severity": "LOW",
        "vector": "CVSS:4.0/AV:P/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/AU:N/R:U/V:D/RE:M/U:Green",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Autonomous Digital Experience Manager",
    "version": "5.10.0",
    "vendor": "Palo Alto Networks",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

Autonomous Digital Experience Manager: Improper validation of ADEM certificate_CVE-2026-0233