Prisma Access Agent: Local Privilege Escalation Vulnerability_CVE-2026-0246

5.9 / 10

MEDIUM

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/AU:N/R:U/V:D/RE:M/U:Amber

Description

A vulnerability with a privilege management mechanism in the Palo Alto Networks Prisma Access Agent® enables a locally authenticated non-administrative user to escalate their privileges to root on macOS and Linux or NT AUTHORITY\SYSTEM on Windows. This allows the user to execute arbitrary code and read sensitive information otherwise accessible only to privileged accounts.

The Prisma Access Agent on iOS, Android and Chrome OS are not affected.

Basic Information

ID CVE-2026-0246

Source palo_alto

Published May 13, 2026 at 18:51

Modified May 13, 2026 at 19:30

Affected Product

Vendor Palo Alto Networks

Product Prisma Access Agent

Affected Versions Palo Alto Networks Prisma Access Agent 0
Palo Alto Networks Prisma Access Agent 0
Palo Alto Networks Prisma Access Agent 0

CWE Classification

CWE-862

References

security.paloaltonetworks.com /CVE-2026-0246

{
    "lastseen": "",
    "description": "A vulnerability with a privilege management mechanism in the Palo Alto Networks Prisma Access Agent\u00ae enables a locally authenticated non-administrative user to escalate their privileges to root on macOS and Linux or NT AUTHORITY\\SYSTEM on Windows. This allows the user to execute arbitrary code and read sensitive information otherwise accessible only to privileged accounts.\n\n\n\nThe Prisma Access Agent on iOS, Android and Chrome OS are not affected.",
    "published": "2026-05-13T18:51:06.275Z",
    "modified": "2026-05-13T19:30:50.538Z",
    "type": "cve",
    "title": "Prisma Access Agent: Local Privilege Escalation Vulnerability",
    "source": "palo_alto",
    "references": "https://security.paloaltonetworks.com/CVE-2026-0246",
    "id": "CVE-2026-0246",
    "bulletinFamily": "",
    "cwe": [
        "CWE-862"
    ],
    "cvelist": null,
    "sourceData": "Palo Alto Networks Prisma Access Agent 0\nPalo Alto Networks Prisma Access Agent 0\nPalo Alto Networks Prisma Access Agent 0",
    "sourceHref": "",
    "cvss": {
        "score": 5.9,
        "severity": "MEDIUM",
        "vector": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/AU:N/R:U/V:D/RE:M/U:Amber",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Prisma Access Agent",
    "version": "0",
    "vendor": "Palo Alto Networks",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}