Description
Idira Endpoint Privilege Manager Agent versions prior to 26.5 exhibit improper access control within internal agent validation processes. A local attacker could potentially bypass built-in security controls or cryptographic validations. Under specific circumstances, this could allow the attacker to circumvent agent self-defense mechanisms and execute unauthorized operations. CyberArk Security Bulletin: CA26-19
Published: 2026-06-11
Score: 8.5 High
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The vulnerability is an improper access control flaw in the internal agent validation processes of Idira Endpoint Privilege Manager. Because of this flaw, a local attacker could bypass built‑in security controls or cryptographic validations, effectively circumventing the agent’s self‑defense mechanisms. The result may be execution of unauthorized operations on the compromised system, as the flaw is categorized as CWE‑295 and has a CVSS score of 8.5.

Affected Systems

The flaw affects Idira Endpoint Privilege Manager agents running on Linux, macOS, and Windows that are at a version lower than 26.5. All affected agents exhibit the same improper validation behavior and are listed under the CyberArk Software, a Palo Alto Networks Company product.

Risk and Exploitability

The vulnerability has a high severity rating of 8.5. Its EPSS score is not available, so the precise exploitation probability is uncertain, but the absence of a KEV listing indicates no confirmed widespread exploitation yet. The attack vector, as the description states, requires local access to the agent; an attacker with sufficient local privileges can exploit the flaw to elevate privileges or execute arbitrary code.

Generated by OpenCVE AI on June 11, 2026 at 21:57 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade Idira Endpoint Privilege Manager to version 26.5 or later as described in the CyberArk release notes.
  • If an upgrade cannot be performed immediately, limit file and process permissions on the agent binaries and configuration files so that only the intended privileged service account can access them.
  • Disable or restrict local access to the agent’s control interfaces and ensure that only whitelisted users or services can communicate with the agent.

Generated by OpenCVE AI on June 11, 2026 at 21:57 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Thu, 11 Jun 2026 20:00:00 +0000

Type Values Removed Values Added
Description Idira Endpoint Privilege Manager Agent versions prior to 26.5 exhibit improper access control within internal agent validation processes. A local attacker could potentially bypass built-in security controls or cryptographic validations. Under specific circumstances, this could allow the attacker to circumvent agent self-defense mechanisms and execute unauthorized operations. CyberArk Security Bulletin: CA26-19
Title Idira Endpoint Privilege Manager Agent: Security Control and Cryptographic Validation Bypass in Internal Agent Validation Processes
First Time appeared Cyberark Software A Palo Alto Networks Company
Cyberark Software A Palo Alto Networks Company idira Endpoint Privilege Manager
Weaknesses CWE-295
CPEs cpe:2.3:a:cyberark_software_a_palo_alto_networks_company:idira_endpoint_privilege_manager:*:*:linux:*:*:*:*:*
cpe:2.3:a:cyberark_software_a_palo_alto_networks_company:idira_endpoint_privilege_manager:*:*:macos:*:*:*:*:*
cpe:2.3:a:cyberark_software_a_palo_alto_networks_company:idira_endpoint_privilege_manager:*:*:windows:*:*:*:*:*
Vendors & Products Cyberark Software A Palo Alto Networks Company
Cyberark Software A Palo Alto Networks Company idira Endpoint Privilege Manager
References
Metrics cvssV4_0

{'score': 8.5, 'vector': 'CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/U:Amber'}

Subscriptions

Cyberark Software A Palo Alto Networks Company Idira Endpoint Privilege Manager
cve-icon MITRE

Status: PUBLISHED

Assigner: palo_alto

Published:

Updated: 2026-06-11T18:57:08.844Z

Reserved: 2026-05-08T23:01:00.501Z

Link: CVE-2026-45175

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Awaiting Analysis

Published: 2026-06-11T20:16:22.653

Modified: 2026-06-11T20:56:29.653

Link: CVE-2026-45175

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-06-11T22:00:08Z

Weaknesses
  • CWE-295

    Improper Certificate Validation