Local Privilege Escalation in Akamai Guardicore Platform Agent and Zero Trust Client
CVE-2026-34354

7.4HIGH

Key Information:

Vendor: Akamai
Status: Guardicore Platform Agent; Zero Trust Client
Vendor: CVE Published:; 8 May 2026

What is CVE-2026-34354?

The Akamai Guardicore Platform Agent and Zero Trust Client on Linux and macOS present a vulnerability allowing local privilege escalation through a TOCTOU (Time of Check to Time of Use) flaw. This issue arises from the GPA service's creation of an IPC socket in a world-writable /tmp directory and its acceptance of unauthenticated IPC control messages. Specifically, the HandleSaveLogs() function is affected, enabling a local user to create a log file and exploit it by establishing a symlink to a targeted path, thus making arbitrary root-owned files world-writable. Additionally, the gimmelogs tool, which operates with root privileges, is susceptible to command injection via the dbstore, providing an alternative path for privilege escalation. This vulnerability affects specific versions of the Guardicore Platform Agent and Zero Trust Client, necessitating timely remediation.

Affected Version(s)

Guardicore Platform Agent Linux 7.0 <= 7.3.1

Zero Trust Client Linux 6.0 <= 6.1.5

References

https://www.akamai.com/blog/security-research/advisory-cv...

CVSS V3.1

Score:

7.4

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 8, 2026
Vulnerability Reserved
Mar 27, 2026

CVE-2026-34354 Data

JSON