Prisma Access Agent: Local Authenticated VPN Enforcement Bypass on Linux
CVE-2026-0268

4.4MEDIUM

Key Information:

Vendor

Palo Alto Networks
Status
Prisma Access Agent
Vendor
CVE Published:
10 June 2026

Badges

👾 Exploit Exists

What is CVE-2026-0268?

A security control bypass vulnerability in Prisma Access Agent for Linux allows a local attacker to route network traffic outside the VPN tunnel.

This does not impact Prisma Access Agent on Windows, macOS, iOS, Android, or ChromeOS.

Affected Version(s)

Prisma Access Agent Linux 0 < 26.2.1

Prisma Access Agent Windows All

References

https://security.paloaltonetworks.com/CVE-2026-0268
vendor-advisory

CVSS V4

Score:
4.4
Severity:
MEDIUM
Confidentiality:
High
Integrity:
Low
Availability:
None
Attack Vector:
Local
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • 👾

    Exploit known to exist

  • Vulnerability published

  • Vulnerability Reserved

Credit

our internal security research teams
.