{ "dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": { "cveId": "CVE-2026-0271", "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0", "state": "PUBLISHED", "assignerShortName": "palo_alto", "dateReserved": "2025-11-03T20:44:31.121Z", "datePublished": "2026-06-10T20:59:51.879Z", "dateUpdated": "2026-06-11T13:48:17.999Z" }, "containers": { "cna": { "providerMetadata": { "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0", "shortName": "palo_alto", "dateUpdated": "2026-06-10T20:59:51.879Z" }, "title": "Prisma Access Agent: Local Privilege Escalation by Authorized Users", "datePublic": "2026-06-10T16:00:00.000Z", "problemTypes": [ { "descriptions": [ { "lang": "en", "cweId": "CWE-732", "description": "CWE-732 Incorrect Permission Assignment for Critical Resource", "type": "CWE" } ] } ], "impacts": [ { "capecId": "CAPEC-233", "descriptions": [ { "lang": "en", "value": "CAPEC-233 Privilege Escalation" } ] } ], "affected": [ { "vendor": "Palo Alto Networks", "product": "Prisma Access Agent", "platforms": [ "Linux" ], "versions": [ { "status": "affected", "version": "0", "lessThan": "26.2.1", "changes": [ { "at": "26.2.1", "status": "unaffected" } ], "versionType": "custom" } ], "defaultStatus": "unaffected" }, { "vendor": "Palo Alto Networks", "product": "Prisma Access Agent", "platforms": [ "macOS", "Windows", "iOS", "Android", "Chrome OS" ], "versions": [ { "status": "unaffected", "version": "All", "versionType": "custom" } ], "defaultStatus": "unaffected" } ], "cpeApplicability": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:palo_alto_networks:prisma_access_agent:*:*:*:*:*:Linux:*:*", "versionEndExcluding": "26.2.1", "versionStartIncluding": "26.2.0", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "OR" } ], "descriptions": [ { "lang": "en", "value": "A privilege escalation (PE) vulnerability in the Palo Alto Networks Prisma Access Agent app on Linux devices enables a local user to execute code with elevated privileges.\n\n\n\nThis does not impact Prisma Access Agent on Windows, macOS, iOS, Android, or ChromeOS.", "supportingMedia": [ { "type": "text/html", "base64": false, "value": "

A privilege escalation (PE) vulnerability in the Palo Alto Networks Prisma Access Agent app on Linux devices enables a local user to execute code with elevated privileges.

This does not impact Prisma Access Agent on Windows, macOS, iOS, Android, or ChromeOS.

" } ] } ], "references": [ { "url": "https://security.paloaltonetworks.com/CVE-2026-0271", "tags": [ "vendor-advisory" ] } ], "metrics": [ { "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ], "cvssV4_0": { "attackVector": "LOCAL", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "LOW", "userInteraction": "NONE", "vulnConfidentialityImpact": "HIGH", "subConfidentialityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "subIntegrityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "subAvailabilityImpact": "NONE", "exploitMaturity": "UNREPORTED", "Safety": "NOT_DEFINED", "Automatable": "NO", "Recovery": "AUTOMATIC", "valueDensity": "DIFFUSE", "vulnerabilityResponseEffort": "MODERATE", "providerUrgency": "AMBER", "version": "4.0", "baseSeverity": "MEDIUM", "baseScore": 5.9, "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/AU:N/R:A/V:D/RE:M/U:Amber" } } ], "configurations": [ { "lang": "eng", "value": "No special configuration is required to be affected by this issue.", "supportingMedia": [ { "type": "text/html", "base64": false, "value": "No special configuration is required to be affected by this issue." } ] } ], "workarounds": [ { "lang": "eng", "value": "No known workarounds exist for this issue.", "supportingMedia": [ { "type": "text/html", "base64": false, "value": "No known workarounds exist for this issue." } ] } ], "solutions": [ { "lang": "eng", "value": "VERSION MINOR VERSION SUGGESTED SOLUTION\nPrisma Access Agent on Linux 25.7 through 26.2.0 Upgrade to 26.2.1 or later.\nPrisma Access Agent All on macOS No action needed.\nPrisma Access Agent All on Windows No action needed.\nPrisma Access Agent All on iOS No action needed.\nPrisma Access Agent All on Android No action needed.\nPrisma Access Agent All on Chrome OS No action needed.", "supportingMedia": [ { "type": "text/html", "base64": false, "value": "\n \n \n \n
Version
Minor Version
Suggested Solution
Prisma Access Agent on Linux
25.7 through 26.2.0Upgrade to 26.2.1 or later.
Prisma Access Agent All on macOS
No action needed.
Prisma Access Agent All on Windows
No action needed.
Prisma Access Agent All on iOS
No action needed.
Prisma Access Agent All on Android
No action needed.
Prisma Access Agent All on Chrome OS
No action needed.
" } ] } ], "exploits": [ { "lang": "en", "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue.", "supportingMedia": [ { "type": "text/html", "base64": false, "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue." } ] } ], "timeline": [ { "time": "2026-06-10T16:00:00.000Z", "lang": "en", "value": "Initial publication." } ], "credits": [ { "lang": "en", "value": "Palo Alto Networks thanks our internal security research teams for discovering and reporting this issue.", "type": "other" } ], "source": { "discovery": "INTERNAL" }, "x_generator": { "engine": "Vulnogram 0.1.0-dev" }, "x_affectedList": [ "Prisma Access Agent 26.2.0" ] }, "adp": [ { "metrics": [ { "other": { "type": "ssvc", "content": { "timestamp": "2026-06-11T13:48:10.520535Z", "id": "CVE-2026-0271", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "version": "2.0.3" } } } ], "title": "CISA ADP Vulnrichment", "providerMetadata": { "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-06-11T13:48:17.999Z" } } ] } }