Description
CyberArk Endpoint Privilege Manager Agent versions 25.10.0 and lower allow potential unauthorized privilege elevation leveraging CyberArk elevation dialogs
Published: 2026-02-25
Score: 8.5 High
EPSS: < 1% Very Low
KEV: No
Impact: Privilege Escalation
Action: Apply Patch
AI Analysis

Impact

The vulnerability allows an attacker to potentially elevate privileges by exploiting the Endpoint Privilege Manager Agent’s elevation dialogs. The flaw lies in how the Agent handles these dialogs, allowing an unauthorized user to obtain higher privileges than intended. The weakness is classified as unauthorized elevation of privilege (CWE‑269).

Affected Systems

Affected systems are deployments of CyberArk Endpoint Privilege Manager Agent version 25.10.0 and earlier. The issue exists in the Agent software distributed by CyberArk, a Palo Alto Networks company, and affects any workstation or server running the vulnerable Agent component. No specific patched version is listed, but the vulnerability applies to all releases up to and including 25.10.0.

Risk and Exploitability

The CVSS score of 8.5 indicates high severity, but the EPSS score of less than 1% suggests a low probability of exploitation at present. The vulnerability is not listed in CISA’s KEV catalog. The description does not explicitly state the attack vector; an attacker would likely need to trick a user into interacting with an elevation dialog, or already have local access, to abuse the flaw. To mitigate it, organizations should promptly apply the latest Agent release and review their privilege elevation practices.

Generated by OpenCVE AI on April 17, 2026 at 15:34 UTC.

Remediation

No vendor fix or workaround is currently provided.

OpenCVE Recommended Actions

  • Upgrade the Endpoint Privilege Manager Agent to a version newer than 25.10.0 to eliminate the elevation flaw.
  • Restrict the use of elevation dialogs to only approved applications and enforce additional authentication such as MFA where possible.
  • Review and enforce least‑privilege user policies on the systems running the Agent to ensure that potential privilege escalation has minimal impact.


Advisories

No advisories yet.

History

Fri, 17 Apr 2026 16:00:00 +0000

  • Title added: Privilege Elevation via Endpoint Privilege Manager Elevation Dialogs

Fri, 27 Feb 2026 19:00:00 +0000

  • CPEs added: cpe:2.3:a:cyberark:endpoint_privilege_manager:*:*:*:*:*:*:*:*
  • Metrics added (cvssV3_1): {'score': 7.8, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H'}

Thu, 26 Feb 2026 22:30:00 +0000

  • Weaknesses added: CWE-269

Wed, 25 Feb 2026 22:15:00 +0000

  • Metrics added (ssvc): {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Wed, 25 Feb 2026 12:00:00 +0000

  • First Time appeared: Cyberark; Cyberark endpoint Privilege Manager
  • Vendors & Products added: Cyberark; Cyberark endpoint Privilege Manager

Wed, 25 Feb 2026 02:00:00 +0000

  • Description added: CyberArk Endpoint Privilege Manager Agent versions 25.10.0 and lower allow potential unauthorized privilege elevation leveraging CyberArk elevation dialogs
  • References added: (no values shown)
  • Metrics added (cvssV4_0): {'score': 8.5, 'vector': 'CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N'}

MITRE

Status: PUBLISHED

Assigner: palo_alto

Published:

Updated: 2026-02-26T21:42:22.714Z

Reserved: 2026-02-20T20:28:42.940Z

Link: CVE-2026-2914

Vulnrichment

Updated: 2026-02-25T21:12:14.288Z

NVD

Status: Analyzed

Published: 2026-02-25T02:16:23.130

Modified: 2026-02-27T18:58:08.133

Link: CVE-2026-2914

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-17T15:45:15Z

Weaknesses