CVE-2026-45175
Idira Endpoint Privilege Manager Agent: Security Control and Cryptographic Validation Bypass in Internal Agent Validation Processes
CVSS Score
0.0
EPSS Score
0.0%
EPSS Percentile
0th
Idira Endpoint Privilege Manager Agent versions prior to 26.5 exhibit improper access control within internal agent validation processes. A local attacker could potentially bypass built-in security controls or cryptographic validations. Under specific circumstances, this could allow the attacker to circumvent agent self-defense mechanisms and execute unauthorized operations. CyberArk Security Bulletin: CA26-19
| CWE | CWE-295 |
| Vendor | cyberark software, a palo alto networks company |
| Product | idira endpoint privilege manager |
| Published | Jun 11, 2026 |
Stay Ahead of the Next One
Get instant alerts for cyberark software, a palo alto networks company idira endpoint privilege manager
Be the first to know when new unknown vulnerabilities affecting cyberark software, a palo alto networks company idira endpoint privilege manager are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
Affected Versions
CyberArk Software, a Palo Alto Networks Company / Idira Endpoint Privilege Manager
26.0 < 26.5
References
docs.cyberark.com: https://docs.cyberark.com/epm/latest/en/content/release%20notes/rn-os-windows.htm#Version2650 docs.cyberark.com: https://docs.cyberark.com/epm/latest/en/content/release%20notes/rn-os-macos.htm#Version2650 docs.cyberark.com: https://docs.cyberark.com/epm/latest/en/content/release%20notes/rn-os-linux.htm#Version2650control
Credits
Palo Alto Networks thanks our internal security research teams for discovering and reporting this issue