Search

Find a vulnerability

Search criteria

    6 vulnerabilities found for idira_endpoint_privilege_manager by paloaltonetworks

    CVE-2026-45174 (GCVE-0-2026-45174)

    Vulnerability from nvd – Published: 2026-06-11 21:22 – Updated: 2026-06-13 03:55
    VLAI
    Title
    Idira Endpoint Privilege Manager Linux Agent: Potential bypass of Agent Daemon Initialization
    Summary
    Idira Endpoint Privilege Manager Linux Agent versions prior to 26.5 allow a local attacker to potentially compromise the agent daemon initialization. CyberArk Security Bulletin: CA26-19
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-404 - Improper Resource Shutdown or Release
    Assigner
    References
    Impacted products
    Date Public
    2026-06-11 17:10
    Credits
    Palo Alto Networks thanks our internal security research teams for discovering and reporting this issue
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-45174",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-12T00:00:00+00:00",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-13T03:55:52.203Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "Linux"
              ],
              "product": "Idira Endpoint Privilege Manager",
              "vendor": "CyberArk Software, a Palo Alto Networks Company",
              "versions": [
                {
                  "changes": [
                    {
                      "at": "26.5",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "26.5",
                  "status": "affected",
                  "version": "26.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:cyberark_software_a_palo_alto_networks_company:idira_endpoint_privilege_manager:*:*:linux:*:*:*:*:*",
                      "versionEndExcluding": "26.5",
                      "versionStartIncluding": "26.0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ],
              "operator": "OR"
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Palo Alto Networks thanks our internal security research teams for discovering and reporting this issue"
            }
          ],
          "datePublic": "2026-06-11T17:10:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Idira Endpoint Privilege Manager Linux Agent versions prior to 26.5 allow a local attacker to potentially compromise the agent daemon initialization. CyberArk Security Bulletin: CA26-19"
                }
              ],
              "value": "Idira Endpoint Privilege Manager Linux Agent versions prior to 26.5 allow a local attacker to potentially compromise the agent daemon initialization. CyberArk Security Bulletin: CA26-19"
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
                }
              ],
              "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-554",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-554 Functionality Bypass"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "LOCAL",
                "baseScore": 8.5,
                "baseSeverity": "HIGH",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "LOW",
                "providerUrgency": "AMBER",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/U:Amber",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-404",
                  "description": "CWE-404: Improper Resource Shutdown or Release",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-11T21:22:13.066Z",
            "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
            "shortName": "palo_alto"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://docs.cyberark.com/epm/latest/en/content/release%20notes/rn-os-linux.htm#Version2650"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "timeline": [
            {
              "lang": "en",
              "time": "2026-06-11T17:10:00.000Z",
              "value": "Initial publication."
            }
          ],
          "title": "Idira Endpoint Privilege Manager Linux Agent: Potential bypass of Agent Daemon Initialization",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "assignerShortName": "palo_alto",
        "cveId": "CVE-2026-45174",
        "datePublished": "2026-06-11T21:22:13.066Z",
        "dateReserved": "2026-05-08T23:01:00.501Z",
        "dateUpdated": "2026-06-13T03:55:52.203Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-45175 (GCVE-0-2026-45175)

    Vulnerability from nvd – Published: 2026-06-11 18:57 – Updated: 2026-06-13 03:55
    VLAI
    Title
    Idira Endpoint Privilege Manager Agent: Security Control and Cryptographic Validation Bypass in Internal Agent Validation Processes
    Summary
    Idira Endpoint Privilege Manager Agent versions prior to 26.5 exhibit improper access control within internal agent validation processes. A local attacker could potentially bypass built-in security controls or cryptographic validations. Under specific circumstances, this could allow the attacker to circumvent agent self-defense mechanisms and execute unauthorized operations. CyberArk Security Bulletin: CA26-19
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-295 - Improper Certificate Validation
    Assigner
    Impacted products
    Date Public
    2026-06-11 17:10
    Credits
    Palo Alto Networks thanks our internal security research teams for discovering and reporting this issue
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-45175",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-12T00:00:00+00:00",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-13T03:55:48.824Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "Windows",
                "macOS",
                "Linux"
              ],
              "product": "Idira Endpoint Privilege Manager",
              "vendor": "CyberArk Software, a Palo Alto Networks Company",
              "versions": [
                {
                  "changes": [
                    {
                      "at": "26.5",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "26.5",
                  "status": "affected",
                  "version": "26.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:cyberark_software_a_palo_alto_networks_company:idira_endpoint_privilege_manager:*:*:windows:*:*:*:*:*",
                      "versionEndExcluding": "26.5",
                      "versionStartIncluding": "26.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:cyberark_software_a_palo_alto_networks_company:idira_endpoint_privilege_manager:*:*:macos:*:*:*:*:*",
                      "versionEndExcluding": "26.5",
                      "versionStartIncluding": "26.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:cyberark_software_a_palo_alto_networks_company:idira_endpoint_privilege_manager:*:*:linux:*:*:*:*:*",
                      "versionEndExcluding": "26.5",
                      "versionStartIncluding": "26.0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ],
              "operator": "OR"
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Palo Alto Networks thanks our internal security research teams for discovering and reporting this issue"
            }
          ],
          "datePublic": "2026-06-11T17:10:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Idira Endpoint Privilege Manager Agent versions prior to 26.5 exhibit improper access control within internal agent validation processes. A local attacker could potentially bypass built-in security controls or cryptographic validations. Under specific circumstances, this could allow the attacker to circumvent agent self-defense mechanisms and execute unauthorized operations. CyberArk Security Bulletin: CA26-19"
                }
              ],
              "value": "Idira Endpoint Privilege Manager Agent versions prior to 26.5 exhibit improper access control within internal agent validation processes. A local attacker could potentially bypass built-in security controls or cryptographic validations. Under specific circumstances, this could allow the attacker to circumvent agent self-defense mechanisms and execute unauthorized operations. CyberArk Security Bulletin: CA26-19"
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
                }
              ],
              "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-233",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-233 Privilege Escalation"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "LOCAL",
                "baseScore": 8.5,
                "baseSeverity": "HIGH",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "LOW",
                "providerUrgency": "AMBER",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/U:Amber",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-295",
                  "description": "CWE-295: Improper Certificate Validation",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-11T18:57:08.844Z",
            "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
            "shortName": "palo_alto"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://docs.cyberark.com/epm/latest/en/content/release%20notes/rn-os-windows.htm#Version2650"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://docs.cyberark.com/epm/latest/en/content/release%20notes/rn-os-macos.htm#Version2650"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://docs.cyberark.com/epm/latest/en/content/release%20notes/rn-os-linux.htm#Version2650control"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "timeline": [
            {
              "lang": "en",
              "time": "2026-06-11T17:10:00.000Z",
              "value": "Initial publication."
            }
          ],
          "title": "Idira Endpoint Privilege Manager Agent: Security Control and Cryptographic Validation Bypass in Internal Agent Validation Processes",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "assignerShortName": "palo_alto",
        "cveId": "CVE-2026-45175",
        "datePublished": "2026-06-11T18:57:08.844Z",
        "dateReserved": "2026-05-08T23:01:00.501Z",
        "dateUpdated": "2026-06-13T03:55:48.824Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-45176 (GCVE-0-2026-45176)

    Vulnerability from nvd – Published: 2026-06-11 18:49 – Updated: 2026-06-13 03:55
    VLAI
    Title
    Idira Endpoint Privilege Manager Agent: Local Privilege Escalation via Internal Communication or File Operation Manipulation
    Summary
    Idira Endpoint Privilege Manager Agent versions prior to 26.5 exhibit improper access control within high-privileged agent components. A local, low-privileged attacker could exploit this by manipulating an internal communication mechanism or file operation. Under specific circumstances, this could potentially allow the attacker to bypass permission restrictions and execute unauthorized local actions with elevated privileges. CyberArk Security Bulletin: CA26-19
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-269 - [Discouraged] CWE-269: Improper Privilege Management
    Assigner
    Impacted products
    Date Public
    2026-06-11 17:10
    Credits
    Palo Alto Networks thanks our internal security research teams for discovering and reporting this issue
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-45176",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-12T00:00:00+00:00",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-13T03:55:47.522Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "Windows",
                "macOS",
                "Linux"
              ],
              "product": "Idira Endpoint Privilege Manager",
              "vendor": "CyberArk Software, a Palo Alto Networks Company",
              "versions": [
                {
                  "changes": [
                    {
                      "at": "26.5",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "26.5",
                  "status": "affected",
                  "version": "26.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:cyberark_software_a_palo_alto_networks_company:idira_endpoint_privilege_manager:*:*:windows:*:*:*:*:*",
                      "versionEndExcluding": "26.5",
                      "versionStartIncluding": "26.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:cyberark_software_a_palo_alto_networks_company:idira_endpoint_privilege_manager:*:*:macos:*:*:*:*:*",
                      "versionEndExcluding": "26.5",
                      "versionStartIncluding": "26.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:cyberark_software_a_palo_alto_networks_company:idira_endpoint_privilege_manager:*:*:linux:*:*:*:*:*",
                      "versionEndExcluding": "26.5",
                      "versionStartIncluding": "26.0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ],
              "operator": "OR"
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Palo Alto Networks thanks our internal security research teams for discovering and reporting this issue"
            }
          ],
          "datePublic": "2026-06-11T17:10:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Idira Endpoint Privilege Manager Agent versions prior to 26.5 exhibit improper access control within high-privileged agent components. A local, low-privileged attacker could exploit this by manipulating an internal communication mechanism or file operation. Under specific circumstances, this could potentially allow the attacker to bypass permission restrictions and execute unauthorized local actions with elevated privileges. CyberArk Security Bulletin: CA26-19"
                }
              ],
              "value": "Idira Endpoint Privilege Manager Agent versions prior to 26.5 exhibit improper access control within high-privileged agent components. A local, low-privileged attacker could exploit this by manipulating an internal communication mechanism or file operation. Under specific circumstances, this could potentially allow the attacker to bypass permission restrictions and execute unauthorized local actions with elevated privileges. CyberArk Security Bulletin: CA26-19"
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
                }
              ],
              "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-233",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-233 Privilege Escalation"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "HIGH",
                "attackRequirements": "NONE",
                "attackVector": "LOCAL",
                "baseScore": 8.9,
                "baseSeverity": "HIGH",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "NONE",
                "providerUrgency": "AMBER",
                "subAvailabilityImpact": "HIGH",
                "subConfidentialityImpact": "HIGH",
                "subIntegrityImpact": "HIGH",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/U:Amber",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-269",
                  "description": "[Discouraged] CWE-269: Improper Privilege Management",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-11T18:49:00.712Z",
            "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
            "shortName": "palo_alto"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://docs.cyberark.com/epm/latest/en/content/release%20notes/rn-os-windows.htm#Version2650"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://docs.cyberark.com/epm/latest/en/content/release%20notes/rn-os-macos.htm#Version2650"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://docs.cyberark.com/epm/latest/en/content/release%20notes/rn-os-linux.htm#Version2650"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "timeline": [
            {
              "lang": "en",
              "time": "2026-06-11T17:10:00.000Z",
              "value": "Initial publication."
            }
          ],
          "title": "Idira Endpoint Privilege Manager Agent: Local Privilege Escalation via Internal Communication or File Operation Manipulation",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "assignerShortName": "palo_alto",
        "cveId": "CVE-2026-45176",
        "datePublished": "2026-06-11T18:49:00.712Z",
        "dateReserved": "2026-05-08T23:01:00.502Z",
        "dateUpdated": "2026-06-13T03:55:47.522Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-45174 (GCVE-0-2026-45174)

    Vulnerability from cvelistv5 – Published: 2026-06-11 21:22 – Updated: 2026-06-13 03:55
    VLAI
    Title
    Idira Endpoint Privilege Manager Linux Agent: Potential bypass of Agent Daemon Initialization
    Summary
    Idira Endpoint Privilege Manager Linux Agent versions prior to 26.5 allow a local attacker to potentially compromise the agent daemon initialization. CyberArk Security Bulletin: CA26-19
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-404 - Improper Resource Shutdown or Release
    Assigner
    References
    Impacted products
    Date Public
    2026-06-11 17:10
    Credits
    Palo Alto Networks thanks our internal security research teams for discovering and reporting this issue
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-45174",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-12T00:00:00+00:00",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-13T03:55:52.203Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "Linux"
              ],
              "product": "Idira Endpoint Privilege Manager",
              "vendor": "CyberArk Software, a Palo Alto Networks Company",
              "versions": [
                {
                  "changes": [
                    {
                      "at": "26.5",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "26.5",
                  "status": "affected",
                  "version": "26.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:cyberark_software_a_palo_alto_networks_company:idira_endpoint_privilege_manager:*:*:linux:*:*:*:*:*",
                      "versionEndExcluding": "26.5",
                      "versionStartIncluding": "26.0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ],
              "operator": "OR"
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Palo Alto Networks thanks our internal security research teams for discovering and reporting this issue"
            }
          ],
          "datePublic": "2026-06-11T17:10:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Idira Endpoint Privilege Manager Linux Agent versions prior to 26.5 allow a local attacker to potentially compromise the agent daemon initialization. CyberArk Security Bulletin: CA26-19"
                }
              ],
              "value": "Idira Endpoint Privilege Manager Linux Agent versions prior to 26.5 allow a local attacker to potentially compromise the agent daemon initialization. CyberArk Security Bulletin: CA26-19"
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
                }
              ],
              "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-554",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-554 Functionality Bypass"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "LOCAL",
                "baseScore": 8.5,
                "baseSeverity": "HIGH",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "LOW",
                "providerUrgency": "AMBER",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/U:Amber",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-404",
                  "description": "CWE-404: Improper Resource Shutdown or Release",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-11T21:22:13.066Z",
            "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
            "shortName": "palo_alto"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://docs.cyberark.com/epm/latest/en/content/release%20notes/rn-os-linux.htm#Version2650"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "timeline": [
            {
              "lang": "en",
              "time": "2026-06-11T17:10:00.000Z",
              "value": "Initial publication."
            }
          ],
          "title": "Idira Endpoint Privilege Manager Linux Agent: Potential bypass of Agent Daemon Initialization",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "assignerShortName": "palo_alto",
        "cveId": "CVE-2026-45174",
        "datePublished": "2026-06-11T21:22:13.066Z",
        "dateReserved": "2026-05-08T23:01:00.501Z",
        "dateUpdated": "2026-06-13T03:55:52.203Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-45175 (GCVE-0-2026-45175)

    Vulnerability from cvelistv5 – Published: 2026-06-11 18:57 – Updated: 2026-06-13 03:55
    VLAI
    Title
    Idira Endpoint Privilege Manager Agent: Security Control and Cryptographic Validation Bypass in Internal Agent Validation Processes
    Summary
    Idira Endpoint Privilege Manager Agent versions prior to 26.5 exhibit improper access control within internal agent validation processes. A local attacker could potentially bypass built-in security controls or cryptographic validations. Under specific circumstances, this could allow the attacker to circumvent agent self-defense mechanisms and execute unauthorized operations. CyberArk Security Bulletin: CA26-19
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-295 - Improper Certificate Validation
    Assigner
    Impacted products
    Date Public
    2026-06-11 17:10
    Credits
    Palo Alto Networks thanks our internal security research teams for discovering and reporting this issue
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-45175",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-12T00:00:00+00:00",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-13T03:55:48.824Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "Windows",
                "macOS",
                "Linux"
              ],
              "product": "Idira Endpoint Privilege Manager",
              "vendor": "CyberArk Software, a Palo Alto Networks Company",
              "versions": [
                {
                  "changes": [
                    {
                      "at": "26.5",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "26.5",
                  "status": "affected",
                  "version": "26.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:cyberark_software_a_palo_alto_networks_company:idira_endpoint_privilege_manager:*:*:windows:*:*:*:*:*",
                      "versionEndExcluding": "26.5",
                      "versionStartIncluding": "26.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:cyberark_software_a_palo_alto_networks_company:idira_endpoint_privilege_manager:*:*:macos:*:*:*:*:*",
                      "versionEndExcluding": "26.5",
                      "versionStartIncluding": "26.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:cyberark_software_a_palo_alto_networks_company:idira_endpoint_privilege_manager:*:*:linux:*:*:*:*:*",
                      "versionEndExcluding": "26.5",
                      "versionStartIncluding": "26.0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ],
              "operator": "OR"
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Palo Alto Networks thanks our internal security research teams for discovering and reporting this issue"
            }
          ],
          "datePublic": "2026-06-11T17:10:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Idira Endpoint Privilege Manager Agent versions prior to 26.5 exhibit improper access control within internal agent validation processes. A local attacker could potentially bypass built-in security controls or cryptographic validations. Under specific circumstances, this could allow the attacker to circumvent agent self-defense mechanisms and execute unauthorized operations. CyberArk Security Bulletin: CA26-19"
                }
              ],
              "value": "Idira Endpoint Privilege Manager Agent versions prior to 26.5 exhibit improper access control within internal agent validation processes. A local attacker could potentially bypass built-in security controls or cryptographic validations. Under specific circumstances, this could allow the attacker to circumvent agent self-defense mechanisms and execute unauthorized operations. CyberArk Security Bulletin: CA26-19"
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
                }
              ],
              "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-233",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-233 Privilege Escalation"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "LOCAL",
                "baseScore": 8.5,
                "baseSeverity": "HIGH",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "LOW",
                "providerUrgency": "AMBER",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/U:Amber",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-295",
                  "description": "CWE-295: Improper Certificate Validation",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-11T18:57:08.844Z",
            "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
            "shortName": "palo_alto"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://docs.cyberark.com/epm/latest/en/content/release%20notes/rn-os-windows.htm#Version2650"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://docs.cyberark.com/epm/latest/en/content/release%20notes/rn-os-macos.htm#Version2650"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://docs.cyberark.com/epm/latest/en/content/release%20notes/rn-os-linux.htm#Version2650control"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "timeline": [
            {
              "lang": "en",
              "time": "2026-06-11T17:10:00.000Z",
              "value": "Initial publication."
            }
          ],
          "title": "Idira Endpoint Privilege Manager Agent: Security Control and Cryptographic Validation Bypass in Internal Agent Validation Processes",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "assignerShortName": "palo_alto",
        "cveId": "CVE-2026-45175",
        "datePublished": "2026-06-11T18:57:08.844Z",
        "dateReserved": "2026-05-08T23:01:00.501Z",
        "dateUpdated": "2026-06-13T03:55:48.824Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-45176 (GCVE-0-2026-45176)

    Vulnerability from cvelistv5 – Published: 2026-06-11 18:49 – Updated: 2026-06-13 03:55
    VLAI
    Title
    Idira Endpoint Privilege Manager Agent: Local Privilege Escalation via Internal Communication or File Operation Manipulation
    Summary
    Idira Endpoint Privilege Manager Agent versions prior to 26.5 exhibit improper access control within high-privileged agent components. A local, low-privileged attacker could exploit this by manipulating an internal communication mechanism or file operation. Under specific circumstances, this could potentially allow the attacker to bypass permission restrictions and execute unauthorized local actions with elevated privileges. CyberArk Security Bulletin: CA26-19
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-269 - [Discouraged] CWE-269: Improper Privilege Management
    Assigner
    Impacted products
    Date Public
    2026-06-11 17:10
    Credits
    Palo Alto Networks thanks our internal security research teams for discovering and reporting this issue
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-45176",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-12T00:00:00+00:00",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-13T03:55:47.522Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "Windows",
                "macOS",
                "Linux"
              ],
              "product": "Idira Endpoint Privilege Manager",
              "vendor": "CyberArk Software, a Palo Alto Networks Company",
              "versions": [
                {
                  "changes": [
                    {
                      "at": "26.5",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "26.5",
                  "status": "affected",
                  "version": "26.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:cyberark_software_a_palo_alto_networks_company:idira_endpoint_privilege_manager:*:*:windows:*:*:*:*:*",
                      "versionEndExcluding": "26.5",
                      "versionStartIncluding": "26.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:cyberark_software_a_palo_alto_networks_company:idira_endpoint_privilege_manager:*:*:macos:*:*:*:*:*",
                      "versionEndExcluding": "26.5",
                      "versionStartIncluding": "26.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:cyberark_software_a_palo_alto_networks_company:idira_endpoint_privilege_manager:*:*:linux:*:*:*:*:*",
                      "versionEndExcluding": "26.5",
                      "versionStartIncluding": "26.0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ],
              "operator": "OR"
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Palo Alto Networks thanks our internal security research teams for discovering and reporting this issue"
            }
          ],
          "datePublic": "2026-06-11T17:10:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Idira Endpoint Privilege Manager Agent versions prior to 26.5 exhibit improper access control within high-privileged agent components. A local, low-privileged attacker could exploit this by manipulating an internal communication mechanism or file operation. Under specific circumstances, this could potentially allow the attacker to bypass permission restrictions and execute unauthorized local actions with elevated privileges. CyberArk Security Bulletin: CA26-19"
                }
              ],
              "value": "Idira Endpoint Privilege Manager Agent versions prior to 26.5 exhibit improper access control within high-privileged agent components. A local, low-privileged attacker could exploit this by manipulating an internal communication mechanism or file operation. Under specific circumstances, this could potentially allow the attacker to bypass permission restrictions and execute unauthorized local actions with elevated privileges. CyberArk Security Bulletin: CA26-19"
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
                }
              ],
              "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-233",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-233 Privilege Escalation"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "HIGH",
                "attackRequirements": "NONE",
                "attackVector": "LOCAL",
                "baseScore": 8.9,
                "baseSeverity": "HIGH",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "NONE",
                "providerUrgency": "AMBER",
                "subAvailabilityImpact": "HIGH",
                "subConfidentialityImpact": "HIGH",
                "subIntegrityImpact": "HIGH",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/U:Amber",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-269",
                  "description": "[Discouraged] CWE-269: Improper Privilege Management",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-11T18:49:00.712Z",
            "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
            "shortName": "palo_alto"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://docs.cyberark.com/epm/latest/en/content/release%20notes/rn-os-windows.htm#Version2650"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://docs.cyberark.com/epm/latest/en/content/release%20notes/rn-os-macos.htm#Version2650"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://docs.cyberark.com/epm/latest/en/content/release%20notes/rn-os-linux.htm#Version2650"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "timeline": [
            {
              "lang": "en",
              "time": "2026-06-11T17:10:00.000Z",
              "value": "Initial publication."
            }
          ],
          "title": "Idira Endpoint Privilege Manager Agent: Local Privilege Escalation via Internal Communication or File Operation Manipulation",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "assignerShortName": "palo_alto",
        "cveId": "CVE-2026-45176",
        "datePublished": "2026-06-11T18:49:00.712Z",
        "dateReserved": "2026-05-08T23:01:00.502Z",
        "dateUpdated": "2026-06-13T03:55:47.522Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }