Privilege Escalation Vulnerability in Palo Alto Networks Prisma Access Agent
CVE-2026-0246

5.9MEDIUM

Key Information:

Vendor: Palo Alto Networks
Status: Prisma Access Agent
Vendor: CVE Published:; 13 May 2026

🔔 Create Palo Alto Networks Vulnerability Alert

Badges

👾 Exploit Exists

What is CVE-2026-0246?

A privilege management flaw in the Palo Alto Networks Prisma Access Agent allows a locally authenticated non-administrative user to elevate their privileges to root on macOS and Linux, or NT AUTHORITY\SYSTEM on Windows. This vulnerability can lead to the execution of arbitrary code and unauthorized access to sensitive information that is otherwise restricted to privileged accounts. Notably, the versions of the Prisma Access Agent on iOS, Android, and Chrome OS remain unaffected.

Affected Version(s)

Prisma Access Agent Linux 0 < 26.2.1

Prisma Access Agent macOS 0 < 26.2.1

Prisma Access Agent Windows 0 < 26.2.1

References

https://security.paloaltonetworks.com/CVE-2026-0246

vendor-advisory

CVSS V4

Score:

5.9

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

👾
Exploit known to exist
May 13, 2026
Vulnerability published
May 13, 2026
Vulnerability Reserved
Nov 3, 2025

Credit

Palo Alto Networks thanks our internal security research teams for discovering and reporting this issue.

CVE-2026-0246 Data

JSON