{"document":{"category":"csaf_vex","csaf_version":"2.1","notes":[{"category":"summary","text":"Palo Alto Networks PSIRT provided VEX document. This document is autogenerated.","title":"Prisma Access Agent: Local Privilege Escalation Vulnerability"}],"publisher":{"category":"vendor","name":"Palo Alto Networks","namespace":"https://security.paloaltonetworks.com"},"title":"Palo Alto Networks PSIRT provided VEX document: CVE-2026-0246","distribution":{"text":"Copyright © 2024 Palo Alto Networks. All rights reserved.","tlp":{"label":"CLEAR","url":"https://www.first.org/tlp/"}},"tracking":{"current_release_date":"2026-05-13T21:55:46.932Z","generator":{"date":"2026-05-13T21:55:46.932Z","engine":{"name":"Vulnogram","version":"0.1.0-dev"}},"id":"CVE-2026-0246","initial_release_date":"2026-05-13T16:00:00.000Z","revision_history":[{"number":"1","date":"2026-05-13T09:00:00.000Z","summary":"Initial publication."}],"status":"final","version":"1"}},"product_tree":{"branches":[{"name":"Palo Alto Networks","category":"vendor","branches":[{"name":"Prisma Access Agent","category":"product_name","branches":[{"category":"product_version_range","name":"vers:generic/Prisma Access Agent<26.2.1","product":{"name":"Palo Alto Networks Prisma Access Agent","product_id":"PANW-Prisma-Access-Agent-1"}},{"category":"product_version_range","name":"vers:generic/Prisma Access Agent>=26.2.1","product":{"name":"Palo Alto Networks Prisma Access Agent","product_id":"PANW-Prisma-Access-Agent-1"}},{"category":"product_version_range","name":"vers:generic/Prisma Access Agent<26.2.1","product":{"name":"Palo Alto Networks Prisma Access Agent","product_id":"PANW-Prisma-Access-Agent-1"}},{"category":"product_version_range","name":"vers:generic/Prisma Access Agent>=26.2.1","product":{"name":"Palo Alto Networks Prisma Access Agent","product_id":"PANW-Prisma-Access-Agent-1"}},{"category":"product_version_range","name":"vers:generic/Prisma Access Agent<26.2.1","product":{"name":"Palo Alto Networks Prisma Access Agent","product_id":"PANW-Prisma-Access-Agent-1"}},{"category":"product_version_range","name":"vers:generic/Prisma Access Agent>=26.2.1","product":{"name":"Palo Alto Networks Prisma Access Agent","product_id":"PANW-Prisma-Access-Agent-1"}},{"category":"product_version","name":"Prisma Access Agent All","product":{"name":"Palo Alto Networks Prisma Access Agent","product_id":"PANW-Prisma-Access-Agent-2"}}]}]}]},"vulnerabilities":[{"cve":"CVE-2026-0246","product_status":{"fixed":["PANW-Prisma-Access-Agent-1"],"known_affected":["PANW-Prisma-Access-Agent-1"],"known_not_affected":["PANW-Prisma-Access-Agent-2"]},"notes":[{"category":"description","text":"A vulnerability with a privilege management mechanism in the Palo Alto Networks Prisma Access Agent® enables a locally authenticated non-administrative user to escalate their privileges to root on macOS and Linux or NT AUTHORITY\\SYSTEM on Windows. This allows the user to execute arbitrary code and read sensitive information otherwise accessible only to privileged accounts.\n\nThe Prisma Access Agent on iOS, Android and Chrome OS are not affected."}],"references":[{"category":"external","summary":"NVD - CVE-2026-0246","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-0246"},{"category":"self","summary":"Palo Alto Networks Security Advisory CVE-2026-0246","url":"https://security.paloaltonetworks.com/CVE-2026-0246"}],"threats":[{"category":"impact","description":"A vulnerability with a privilege management mechanism in the Palo Alto Networks Prisma Access Agent® enables a locally authenticated non-administrative user to escalate their privileges to root on macOS and Linux or NT AUTHORITY\\SYSTEM on Windows. This allows the user to execute arbitrary code and read sensitive information otherwise accessible only to privileged accounts.\n\nThe Prisma Access Agent on iOS, Android and Chrome OS are not affected."}],"scores":[{"cvss_v4":{"version":"4.0","attackVector":"LOCAL","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","subConfidentialityImpact":"NONE","vulnIntegrityImpact":"HIGH","subIntegrityImpact":"NONE","vulnAvailabilityImpact":"HIGH","subAvailabilityImpact":"NONE","Safety":"NOT_DEFINED","Automatable":"NO","Recovery":"USER","valueDensity":"DIFFUSE","vulnerabilityResponseEffort":"MODERATE","providerUrgency":"AMBER","exploitMaturity":"UNREPORTED","baseSeverity":"HIGH","baseScore":8.5,"threatSeverity":"MEDIUM","threatScore":5.9,"vectorString":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/AU:N/R:U/V:D/RE:M/U:Amber"},"products":["PANW-Prisma-Access-Agent-1"]}]}]}