Description
An information disclosure vulnerability in Trust Protection Foundation enables an authenticated attacker to obtain sensitive information from the server's vault. Successful exploitation of this issue allows the attacker to impersonate any user within the environment and arbitrarily modify configuration settings.
Published: 2026-05-13
Score: 4.5 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

An authenticated attacker can read sensitive data stored in the Trust Protection Foundation vault. Access to this vault allows the attacker to impersonate any user within the environment and arbitrarily alter configuration settings.

Affected Systems

Vendors and products affected are Palo Alto Networks Trust Protection Foundation. The vulnerability impacts all listed stable releases from version 24.1.0 through 24.1.12, 24.3.0 through 24.3.5, 25.1.0 through 25.1.7, and 25.3.0 through 25.3.2. Upgrading to 24.1.13 or newer, 24.3.6 or newer, 25.1.8 or newer, or 25.3.3 or newer resolves the issue.

Risk and Exploitability

With a CVSS score of 4.5, the score represents a moderate severity. The lack of an available EPSS score and absence from the CISA KEV catalog indicate that known exploitation is not currently widespread. Exploitation requires a valid authenticated session to the Trust Protection Foundation server. Once authenticated, an attacker can leverage the vault read capability to obtain privileged information, enable user impersonation, and change configuration settings that could impact security and system stability.

Generated by OpenCVE AI on May 13, 2026 at 20:23 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the vendor‑recommended patch to a version that includes the fix: upgrade to Trust Protection Foundation 24.1.13 or later, 24.3.6 or later, 25.1.8 or later, or 25.3.3 or later.
  • If upgrading immediately is not possible, restrict access to the vault by applying least‑privilege role assignments and audit access logs for any abnormal activity.
  • Configure monitoring to detect unauthorized configuration modifications and enforce integrity checks on critical configuration files.

Generated by OpenCVE AI on May 13, 2026 at 20:23 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Fri, 15 May 2026 11:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

 ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Wed, 13 May 2026 20:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Wed, 13 May 2026 19:15:00 +0000

Type Values Removed Values Added
Description An information disclosure vulnerability in Trust Protection Foundation enables an authenticated attacker to obtain sensitive information from the server's vault. Successful exploitation of this issue allows the attacker to impersonate any user within the environment and arbitrarily modify configuration settings.
Title Trust Protection Foundation: Sensitive Information Disclosure Vulnerability
First Time appeared Palo Alto Networks
Palo Alto Networks trust Protection Foundation
Weaknesses CWE-497
CPEs cpe:2.3:a:palo_alto_networks:trust_protection_foundation:*:*:*:*:*:*:*:*
Vendors & Products Palo Alto Networks
Palo Alto Networks trust Protection Foundation
References
Metrics cvssV4_0

{'score': 4.5, 'vector': 'CVSS:4.0/AV:A/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:N/SC:L/SI:L/SA:N/E:U/AU:N/R:U/V:D/RE:M/U:Amber'}

Subscriptions

Palo Alto Networks Trust Protection Foundation
cve-icon MITRE

Status: PUBLISHED

Assigner: palo_alto

Published:

Updated: 2026-05-15T09:56:36.574Z

Reserved: 2025-11-03T20:44:01.023Z

Link: CVE-2026-0240

cve-icon Vulnrichment

Updated: 2026-05-13T19:30:31.717Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2026-05-13T19:16:57.767

Modified: 2026-05-14T16:21:23.190

Link: CVE-2026-0240

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-05-13T22:00:06Z

Weaknesses