CVE-2025-0139 Autonomous Digital Experience Manager: Privilege Escalation (PE) Vulnerability
Exploit Maturity: UNREPORTED
Response Effort: MODERATE
Recovery: USER
Value Density: DIFFUSE
Attack Vector: LOCAL
Attack Complexity: LOW
Attack Requirements: NONE
Automatable: NO
User Interaction: NONE
Product Confidentiality: NONE
Product Integrity: LOW
Product Availability: NONE
Privileges Required: LOW
Subsequent Confidentiality: HIGH
Subsequent Integrity: HIGH
Subsequent Availability: HIGH
Description
An incorrect privilege assignment vulnerability in Palo Alto Networks Autonomous Digital Experience Manager allows a locally authenticated low privileged user on macOS endpoints to escalate their privileges to root.
Product Status
Versions | Affected | Unaffected |
---|---|---|
Autonomous Digital Experience Manager 5.6.0 | < 5.6.7 on macOS | >= 5.6.7 on macOS |
Required Configuration for Exposure
No special configuration is required to be vulnerable to this issue.
Severity: LOW, Suggested Urgency: MODERATE
CVSS-BT: 2.4 / CVSS-B: 6.3 (CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:H/SI:H/SA:H/E:U/AU:N/R:U/V:D/RE:M/U:Amber)
Exploitation Status
Palo Alto Networks is not aware of any malicious exploitation of this issue.
Weakness Type and Impact
CWE-266 Incorrect Privilege Assignment
CAPEC-233 Privilege Escalation
Solution
Version | Minor Version | Suggested Solution |
---|---|---|
Autonomous Digital Experience Manager 5.6 on macOS | 5.6.0 through 5.6.6 | Upgrade to 5.6.7 or later. |
Workarounds and Mitigations
There are no known workarounds or mitigations for this issue.
Acknowledgments
Palo Alto Networks thanks NVIDIA PSIRT for discovering and reporting this issue.
CPE Applicability
- cpe:2.3:a:palo_alto_networks:autonomous_digital_experience_manager:*:*:*:*:*:macOS:*:* is vulnerable from (including) 5.6.0 and up to (excluding) 5.6.7
Timeline
Initial Publication