Description
Idira Endpoint Privilege Manager Agent versions prior to 26.5 exhibit improper access control within high-privileged agent components. A local, low-privileged attacker could exploit this by manipulating an internal communication mechanism or file operation. Under specific circumstances, this could potentially allow the attacker to bypass permission restrictions and execute unauthorized local actions with elevated privileges. CyberArk Security Bulletin: CA26-19
Published: 2026-06-11
Score: 8.9 High
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The vulnerability is caused by improper access control within high‑privileged components of the Idira Endpoint Privilege Manager agent, allowing a local user with limited privileges to manipulate internal communication mechanisms or file operations. If successful, the attacker can bypass permission checks and execute unauthorized local actions with elevated privileges. The primary impact is local privilege escalation.

Affected Systems

CyberArk Software’s Idira Endpoint Privilege Manager agent versions earlier than 26.5 running on Linux, macOS, or Windows are affected. All editions of the product on these operating systems are vulnerable when the agent component is below version 26.5.

Risk and Exploitability

The CVSS score of 8.9 indicates a severe severity. The EPSS score is unavailable, and the vulnerability is not listed in CISA’s KEV catalog. Exploitation requires local access; a low‑privileged user can send crafted messages to internal channels or modify specific files to trigger the flaw. Successful exploitation would grant the attacker elevated privileges on the host, potentially allowing further local actions. Although no public exploit is known, the severity and local‑only nature suggest that the threat level remains high for environments with unpatched agents.

Generated by OpenCVE AI on June 11, 2026 at 21:58 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade the Idira Endpoint Privilege Manager agent to version 26.5 or later as indicated in the release notes for Linux, macOS, and Windows.
  • If an immediate upgrade cannot be performed, configure the agent service to run with the least privilege necessary and restrict file system and communication paths that the privileged components use.
  • Verify and enforce proper file system permissions on all agent files and directories that control privileged operations, ensuring they are owned by an administrator account and inaccessible to non‑privileged users.

Generated by OpenCVE AI on June 11, 2026 at 21:58 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Thu, 11 Jun 2026 20:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Thu, 11 Jun 2026 19:00:00 +0000

Type Values Removed Values Added
Description Idira Endpoint Privilege Manager Agent versions prior to 26.5 exhibit improper access control within high-privileged agent components. A local, low-privileged attacker could exploit this by manipulating an internal communication mechanism or file operation. Under specific circumstances, this could potentially allow the attacker to bypass permission restrictions and execute unauthorized local actions with elevated privileges. CyberArk Security Bulletin: CA26-19
Title Idira Endpoint Privilege Manager Agent: Local Privilege Escalation via Internal Communication or File Operation Manipulation
First Time appeared Cyberark Software A Palo Alto Networks Company
Cyberark Software A Palo Alto Networks Company idira Endpoint Privilege Manager
Weaknesses CWE-269
CPEs cpe:2.3:a:cyberark_software_a_palo_alto_networks_company:idira_endpoint_privilege_manager:*:*:linux:*:*:*:*:*
cpe:2.3:a:cyberark_software_a_palo_alto_networks_company:idira_endpoint_privilege_manager:*:*:macos:*:*:*:*:*
cpe:2.3:a:cyberark_software_a_palo_alto_networks_company:idira_endpoint_privilege_manager:*:*:windows:*:*:*:*:*
Vendors & Products Cyberark Software A Palo Alto Networks Company
Cyberark Software A Palo Alto Networks Company idira Endpoint Privilege Manager
References
Metrics cvssV4_0

{'score': 8.9, 'vector': 'CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/U:Amber'}

Subscriptions

Cyberark Software A Palo Alto Networks Company Idira Endpoint Privilege Manager
cve-icon MITRE

Status: PUBLISHED

Assigner: palo_alto

Published:

Updated: 2026-06-11T19:02:13.450Z

Reserved: 2026-05-08T23:01:00.502Z

Link: CVE-2026-45176

cve-icon Vulnrichment

Updated: 2026-06-11T19:01:49.343Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2026-06-11T19:16:41.757

Modified: 2026-06-11T20:56:29.653

Link: CVE-2026-45176

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-06-11T22:00:08Z

Weaknesses
  • CWE-269

    Improper Privilege Management