Prisma Access Agent
Approved changes feed: RSS · Atom
cpe:2.3:a:palo_alto_networks:prisma_access_agent:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Palo Alto Networks (b3fb2ed8-9543-594b-b76a-18c6d89c012d) |
|---|---|
| Product | Prisma Access Agent (2ba95752-0343-548a-b02e-472055511786) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2026-0248 |
not_vulnerable | 2026-06-03 15:14:40.963843 |
Prisma Access Agent: Improper Certificate Validation Vulnerability
An improper certificate validation vulnerability in the Prisma Access Agent® for Android and Chrome OS enables an attacker to perform a man-in-the-middle (MitM) attack to intercept VPN traffic. By presenting a certificate for any domain issued by a trusted Certificate Authority, the attacker can capture sensitive device information.
The Prisma Access Agent on macOS, Windows, Linux and iOS are not affected.
Published: 2026-05-13T19:05:00.190Z
Updated: 2026-05-13T19:29:24.329Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2026-0248 |
vulnerable | 2026-06-03 15:14:40.963706 |
Prisma Access Agent: Improper Certificate Validation Vulnerability
An improper certificate validation vulnerability in the Prisma Access Agent® for Android and Chrome OS enables an attacker to perform a man-in-the-middle (MitM) attack to intercept VPN traffic. By presenting a certificate for any domain issued by a trusted Certificate Authority, the attacker can capture sensitive device information.
The Prisma Access Agent on macOS, Windows, Linux and iOS are not affected.
Published: 2026-05-13T19:05:00.190Z
Updated: 2026-05-13T19:29:24.329Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2026-0247 |
vulnerable | 2026-06-03 15:14:40.962951 |
Prisma Access Agent Endpoint DLP: Authorization Bypass Vulnerabilities
Multiple authorization bypass vulnerabilities in the Endpoint DLP component of Prisma Access Agent® allow a local attacker to bypass authentication controls and execute privileged operations.
Published: 2026-05-13T18:46:31.633Z
Updated: 2026-05-13T19:31:03.749Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2026-0246 |
not_vulnerable | 2026-06-03 15:14:40.960021 |
Prisma Access Agent: Local Privilege Escalation Vulnerability
A vulnerability with a privilege management mechanism in the Palo Alto Networks Prisma Access Agent® enables a locally authenticated non-administrative user to escalate their privileges to root on macOS and Linux or NT AUTHORITY\SYSTEM on Windows. This allows the user to execute arbitrary code and read sensitive information otherwise accessible only to privileged accounts.
The Prisma Access Agent on iOS, Android and Chrome OS are not affected.
Published: 2026-05-13T18:51:06.275Z
Updated: 2026-05-13T19:30:50.538Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2026-0246 |
vulnerable | 2026-06-03 15:14:40.959978 |
Prisma Access Agent: Local Privilege Escalation Vulnerability
A vulnerability with a privilege management mechanism in the Palo Alto Networks Prisma Access Agent® enables a locally authenticated non-administrative user to escalate their privileges to root on macOS and Linux or NT AUTHORITY\SYSTEM on Windows. This allows the user to execute arbitrary code and read sensitive information otherwise accessible only to privileged accounts.
The Prisma Access Agent on iOS, Android and Chrome OS are not affected.
Published: 2026-05-13T18:51:06.275Z
Updated: 2026-05-13T19:30:50.538Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2026-0245 |
not_vulnerable | 2026-06-03 15:14:40.952290 |
Prisma Access Agent: Information Disclosure Vulnerabilities
Multiple information disclosure vulnerabilities in Prisma Access Agent® allow a local user to access sensitive configuration data and credentials.
The Prisma Access Agent on Linux, ChromeOS, Android, and iOS are not affected.
Published: 2026-05-13T18:54:09.052Z
Updated: 2026-05-13T19:30:22.868Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2026-0245 |
vulnerable | 2026-06-03 15:14:40.952240 |
Prisma Access Agent: Information Disclosure Vulnerabilities
Multiple information disclosure vulnerabilities in Prisma Access Agent® allow a local user to access sensitive configuration data and credentials.
The Prisma Access Agent on Linux, ChromeOS, Android, and iOS are not affected.
Published: 2026-05-13T18:54:09.052Z
Updated: 2026-05-13T19:30:22.868Z Reference links |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.