Privilege Escalation in Idira Endpoint Privilege Manager by CyberArk
CVE-2026-45174
8.5HIGH
Key Information:
- Vendor
- CVE Published:
- 11 June 2026
Badges
👾 Exploit Exists
What is CVE-2026-45174?
The Idira Endpoint Privilege Manager Linux Agent versions earlier than 26.5 contain a vulnerability that allows a local attacker to compromise the initialization process of the agent daemon. Successful exploitation of this vulnerability could potentially lead to unauthorized privilege escalation, enabling the attacker to perform restricted actions within the environment.
Affected Version(s)
Idira Endpoint Privilege Manager Linux 26.0 < 26.5
References
CVSS V4
Score:
8.5
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None
Timeline
- 👾
Exploit known to exist
Vulnerability published
Vulnerability Reserved
Credit
Palo Alto Networks thanks our internal security research teams for discovering and reporting this issue
