Description
Idira Endpoint Privilege Manager Linux Agent versions prior to 26.5 allow a local attacker to potentially compromise the agent daemon initialization. CyberArk Security Bulletin: CA26-19
Published: 2026-06-11
Score: 8.5 High
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The vulnerability in the Idira Endpoint Privilege Manager Linux Agent permits a local attacker to sidestep proper daemon initialization, potentially allowing the attacker to gain elevated privileges and complete control over the agent on the host. This can compromise confidentiality, integrity, and availability within the protected environment.

Affected Systems

CyberArk Software, a Palo Alto Networks Company: Idira Endpoint Privilege Manager Linux Agent versions earlier than 26.5 are impacted. Users running the Linux agent on any supported distribution without applying the 26.5 update are at risk.

Risk and Exploitability

The flaw carries a CVSS score of 8.5, indicating high severity, and there is no EPSS data available, so exploitation probability is unclear. The vulnerability is not listed in CISA KEV. It is inferred that the attack vector requires local access; a user with local privileges could exploit the agent by executing a crafted payload that manipulates the startup routine, thus posing significant risk in environments with permissive local user privileges.

Generated by OpenCVE AI on June 11, 2026 at 22:28 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the latest update to the Idira Endpoint Privilege Manager Linux Agent, version 26.5 or later, to remediate the initialization bypass.
  • Restrict local user permissions so that only authorized users can execute the agent binary and related scripts.
  • Enable auditing and monitoring of the agent process to detect unauthorized restarts or manipulation of its startup configuration.

Advisories

No advisories yet.

History

Thu, 11 Jun 2026 21:30:00 +0000

Type | Values Removed | Values Added
Description | | Idira Endpoint Privilege Manager Linux Agent versions prior to 26.5 allow a local attacker to potentially compromise the agent daemon initialization. CyberArk Security Bulletin: CA26-19
Title | | Idira Endpoint Privilege Manager Linux Agent: Potential bypass of Agent Daemon Initialization
First Time appeared | | Cyberark Software A Palo Alto Networks Company; Cyberark Software A Palo Alto Networks Company idira Endpoint Privilege Manager
Weaknesses | | CWE-404
CPEs | | cpe:2.3:a:cyberark_software_a_palo_alto_networks_company:idira_endpoint_privilege_manager:*:*:linux:*:*:*:*:*
Vendors & Products | | Cyberark Software A Palo Alto Networks Company; Cyberark Software A Palo Alto Networks Company idira Endpoint Privilege Manager
References | |
Metrics | | cvssV4_0 {'score': 8.5, 'vector': 'CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/U:Amber'}


MITRE

Status: PUBLISHED

Assigner: palo_alto

Published:

Updated: 2026-06-11T21:22:13.066Z

Reserved: 2026-05-08T23:01:00.501Z

Link: CVE-2026-45174

Vulnrichment

No data.

NVD

Status: Received

Published: 2026-06-11T22:16:57.613

Modified: 2026-06-11T22:16:57.613

Link: CVE-2026-45174

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-06-11T22:30:09Z

Weaknesses
  • CWE-404: Improper Resource Shutdown or Release