Privilege Escalation in Idira Endpoint Privilege Manager by CyberArk
CVE-2026-45174

8.5HIGH

What is CVE-2026-45174?

The Idira Endpoint Privilege Manager Linux Agent versions earlier than 26.5 contain a vulnerability that allows a local attacker to compromise the initialization process of the agent daemon. Successful exploitation of this vulnerability could potentially lead to unauthorized privilege escalation, enabling the attacker to perform restricted actions within the environment.

Affected Version(s)

Idira Endpoint Privilege Manager Linux 26.0 < 26.5

References

CVSS V4

Score:
8.5
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • 👾

    Exploit known to exist

  • Vulnerability published

  • Vulnerability Reserved

Credit

Palo Alto Networks thanks our internal security research teams for discovering and reporting this issue
.