Prisma Access Agent: Local Privilege Escalation by Authorized Users
CVE-2026-0271

5.9MEDIUM

Key Information:

Vendor: Palo Alto Networks
Status: Prisma Access Agent
Vendor: CVE Published:; 10 June 2026

🔔 Create Palo Alto Networks Vulnerability Alert

Badges

👾 Exploit Exists

What is CVE-2026-0271?

A privilege escalation (PE) vulnerability in the Palo Alto Networks Prisma Access Agent app on Linux devices enables a local user to execute code with elevated privileges.

This does not impact Prisma Access Agent on Windows, macOS, iOS, Android, or ChromeOS.

Affected Version(s)

Prisma Access Agent Linux 0 < 26.2.1

Prisma Access Agent macOS All

References

https://security.paloaltonetworks.com/CVE-2026-0271

vendor-advisory

CVSS V4

Score:

5.9

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

👾
Exploit known to exist
Jun 10, 2026
Vulnerability published
Jun 10, 2026
Vulnerability Reserved
Nov 3, 2025

Credit

Palo Alto Networks thanks our internal security research teams for discovering and reporting this issue.

CVE-2026-0271 Data

JSON