CVE-2026-45176
Idira Endpoint Privilege Manager Agent: Local Privilege Escalation via Internal Communication or File Operation Manipulation
CVSS Score
0.0
EPSS Score
0.0%
EPSS Percentile
0th
Idira Endpoint Privilege Manager Agent versions prior to 26.5 exhibit improper access control within high-privileged agent components. A local, low-privileged attacker could exploit this by manipulating an internal communication mechanism or file operation. Under specific circumstances, this could potentially allow the attacker to bypass permission restrictions and execute unauthorized local actions with elevated privileges. CyberArk Security Bulletin: CA26-19
| CWE | CWE-269 |
| Vendor | cyberark software, a palo alto networks company |
| Product | idira endpoint privilege manager |
| Published | Jun 11, 2026 |
| Last Updated | Jun 11, 2026 |
Stay Ahead of the Next One
Get instant alerts for cyberark software, a palo alto networks company idira endpoint privilege manager
Be the first to know when new unknown vulnerabilities affecting cyberark software, a palo alto networks company idira endpoint privilege manager are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
Affected Versions
CyberArk Software, a Palo Alto Networks Company / Idira Endpoint Privilege Manager
26.0 < 26.5
References
docs.cyberark.com: https://docs.cyberark.com/epm/latest/en/content/release%20notes/rn-os-windows.htm#Version2650 docs.cyberark.com: https://docs.cyberark.com/epm/latest/en/content/release%20notes/rn-os-macos.htm#Version2650 docs.cyberark.com: https://docs.cyberark.com/epm/latest/en/content/release%20notes/rn-os-linux.htm#Version2650
Credits
Palo Alto Networks thanks our internal security research teams for discovering and reporting this issue