CVE-2026-0233 LOW

CVE-2026-0233: Autonomous Digital Experience Manager: Improper validation of ADEM certificate

Vendor Palo Alto Networks
Product Autonomous Digital Experience Manager
Weakness CWE-295
Published April 13, 2026
Last update April 14, 2026

CVSS base score

2.0/10
Attack vector Physical
Attack complexity Low
Privileges required None
User interaction None
Confidentiality
Integrity

CVSS vector

CVSS:4.0/AV:P/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/AU:N/R:U/V:D/RE:M/U:Green

What the vulnerability does

01Description

A certificate validation vulnerability in Palo Alto Networks Autonomous Digital Experience Manager on Windows allows an unauthenticated attacker with adjacent network access to execute arbitrary code with NT AUTHORITY\SYSTEM privileges.

Key dates

02Disclosure timeline

April 13, 2026 CVE published
April 14, 2026 Record updated