CVE-2026-0271 MEDIUM

CVE-2026-0271: Prisma Access Agent: Local Privilege Escalation by Authorized Users

Vendor Palo Alto Networks
Product Prisma Access Agent
Weakness CWE-732
Published June 10, 2026
Last update June 11, 2026

CVSS base score

5.9/10
Attack vector Local
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality
Integrity

CVSS vector

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/AU:N/R:A/V:D/RE:M/U:Amber

What the vulnerability does

01Description

A privilege escalation (PE) vulnerability in the Palo Alto Networks Prisma Access Agent app on Linux devices enables a local user to execute code with elevated privileges. This does not impact Prisma Access Agent on Windows, macOS, iOS, Android, or ChromeOS.

Key dates

02Disclosure timeline

June 10, 2026 CVE published
June 11, 2026 Record updated