Description
A privilege escalation (PE) vulnerability in the Palo Alto Networks Prisma Access Agent app on Linux devices enables a local user to execute code with elevated privileges.



This does not impact Prisma Access Agent on Windows, macOS, iOS, Android, or ChromeOS.
Published: 2026-06-10
Score: 5.9 Medium
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

There is a local privilege escalation vulnerability in Prisma Access Agent running on Linux. A user with local device access can run arbitrary code with privileged rights, potentially attaining root level control. The flaw is a missing permission check (CWE‑732) that permits a privileged user to bypass security boundaries and execute code beyond their authorized scope.

Affected Systems

Affected versions are Palo Alto Networks Prisma Access Agent for Linux from 25.7 through 26.2.0. Versions after 26.2.1 are not impacted, and the vulnerability does not affect Windows, macOS, iOS, Android, or ChromeOS deployments.

Risk and Exploitability

The CVSS score is 5.9, indicating moderate risk; the EPSS score is not available and the issue is not listed in the CISA KEV catalog. Exploitation requires local access by an authorized user, so the attack vector is local. No publicly documented exploitation or workaround exists beyond the remediation release.

Generated by OpenCVE AI on June 10, 2026 at 22:53 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade the Prisma Access Agent on Linux to version 26.2.1 or later.
  • Restart the Prisma Access Agent service after upgrading to apply the new permissions.
  • Audit local user privileges to ensure no unnecessary elevated rights remain on the system.

Generated by OpenCVE AI on June 10, 2026 at 22:53 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Wed, 10 Jun 2026 21:45:00 +0000

Type Values Removed Values Added
Description A privilege escalation (PE) vulnerability in the Palo Alto Networks Prisma Access Agent app on Linux devices enables a local user to execute code with elevated privileges. This does not impact Prisma Access Agent on Windows, macOS, iOS, Android, or ChromeOS.
Title Prisma Access Agent: Local Privilege Escalation by Authorized Users
First Time appeared Palo Alto Networks
Palo Alto Networks prisma Access Agent
Weaknesses CWE-732
CPEs cpe:2.3:a:palo_alto_networks:prisma_access_agent:*:*:*:*:*:Linux:*:*
Vendors & Products Palo Alto Networks
Palo Alto Networks prisma Access Agent
References
Metrics cvssV4_0

{'score': 5.9, 'vector': 'CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/AU:N/R:A/V:D/RE:M/U:Amber'}

Subscriptions

Palo Alto Networks Prisma Access Agent
cve-icon MITRE

Status: PUBLISHED

Assigner: palo_alto

Published:

Updated: 2026-06-10T20:59:51.879Z

Reserved: 2025-11-03T20:44:31.121Z

Link: CVE-2026-0271

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Received

Published: 2026-06-10T22:16:54.110

Modified: 2026-06-10T22:16:54.110

Link: CVE-2026-0271

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-06-10T23:00:20Z

Weaknesses