Severity by source
CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:Amber
Local attacker needs an existing low-priv shell (PR:L), race/condition-dependent IPC abuse justifies AC:H, and successful exploitation yields full SYSTEM/root impact across C/I/A.
Primary rating from Vendor (palo_alto).
CVSS VectorVendor: palo_alto
CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:Amber
Lifecycle Timeline
2DescriptionCVE.org
Idira Endpoint Privilege Manager Agent versions prior to 26.5 exhibit improper access control within high-privileged agent components. A local, low-privileged attacker could exploit this by manipulating an internal communication mechanism or file operation. Under specific circumstances, this could potentially allow the attacker to bypass permission restrictions and execute unauthorized local actions with elevated privileges. CyberArk Security Bulletin: CA26-19
AnalysisAI
Local privilege escalation in CyberArk (Idira) Endpoint Privilege Manager Agent versions prior to 26.5 allows low-privileged users on Windows, macOS, and Linux endpoints to abuse improper access controls in high-privileged agent components and execute actions with elevated privileges. The flaw was reported by Palo Alto Networks (CyberArk's parent) and addressed in agent version 26.5.0, with no public exploit identified at time of analysis. Because EPM is itself a privilege-management control, a bypass directly undermines the security posture of every endpoint where it is deployed.
Technical ContextAI
The affected component is the CyberArk Endpoint Privilege Manager (EPM) Agent - a cross-platform endpoint security agent that brokers elevation requests and enforces least-privilege policies on Windows, macOS, and Linux hosts (per CPE cpe:2.3:a:cyberark_software...:idira_endpoint_privilege_manager). The root cause is classified as CWE-269 (Improper Privilege Management): high-privileged agent processes expose an internal IPC channel or perform file operations without adequately validating the caller's authorization, so a low-privileged process running on the same host can manipulate that interface to coerce the agent into performing privileged actions on its behalf. This is a classic local-IPC/file-operation trust boundary failure inside a SYSTEM/root-level service.
RemediationAI
Vendor-released patch: upgrade the CyberArk Endpoint Privilege Manager Agent to version 26.5.0 or later on all Windows, macOS, and Linux endpoints, per CyberArk Security Bulletin CA26-19 and the per-OS release notes (rn-os-windows.htm#Version2650, rn-os-macos.htm#Version2650, rn-os-linux.htm#Version2650). Because the vulnerability is local and requires code execution as a low-privileged user on the endpoint, compensating controls until rollout completes include tightening endpoint application-control policies to block untrusted binaries from running, restricting interactive logon and remote-shell access to endpoints with the vulnerable agent, and monitoring for unexpected child processes spawned by the EPM agent service or unusual file activity in directories used by its IPC - note these controls reduce but do not eliminate exposure and may generate additional policy-deny noise. Do not disable the EPM agent as a workaround, since that removes the very privilege-management control the product provides.
Local privilege/integrity compromise in CyberArk Idira Endpoint Privilege Manager Linux Agent versions prior to 26.5 all
Local privilege escalation and self-defense bypass in CyberArk (Palo Alto Networks) Idira Endpoint Privilege Manager Age
Same weakness CWE-269 – Improper Privilege Management
View allSame technique Privilege Escalation
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-36291
GHSA-5cgm-xvc8-25j7