Severity by source
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:U/V:D/RE:M/U:Amber
Primary rating from Vendor (palo_alto) · only source for this CVE.
CVSS VectorVendor: palo_alto
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:U/V:D/RE:M/U:Amber
Lifecycle Timeline
4DescriptionCVE.org
An improper protection of alternate path vulnerability in Palo Alto Networks Prisma® Browser on macOS fails to properly restrict access to an internal automation bridge. This allows a locally authenticated non-admin user to leverage an exposed communication channel to send unauthorized commands to the browser, bypassing security controls.
AnalysisAI
Local privilege escalation in Palo Alto Networks Prisma Browser on macOS allows a locally authenticated non-admin user to access an internal automation bridge that was insufficiently restricted, enabling unauthorized commands to be sent to the browser and bypassing built-in security controls. The flaw is tracked as CVE-2026-0237 with a CVSS 4.0 score of 7.3 and no public exploit identified at time of analysis, though SSVC rates the technical impact as total.
Technical ContextAI
Prisma Browser is Palo Alto Networks' enterprise secure browser (formerly the Talon acquisition) used to enforce data loss prevention, identity, and SaaS access controls on managed endpoints. The vulnerability is classified as CWE-424 (Improper Protection of Alternate Path), meaning the product enforces security checks on its primary interface but exposes a secondary channel - here, an internal automation/IPC bridge on macOS - that does not enforce the same trust boundary. Because the bridge is reachable by any local user session on the Mac (per CPE cpe:2.3:a:palo_alto_networks:prisma_browser), a non-admin process can drive the browser as if it were a privileged automation client, sidestepping the policy enforcement layer the browser is deployed to provide.
RemediationAI
Vendor-released patch: upgrade Prisma Browser on macOS to version 146.16.6.165 or later as documented at https://security.paloaltonetworks.com/CVE-2026-0237. Push the update through MDM (Jamf, Intune, Kandji) so all managed Macs are remediated in one wave rather than relying on user-initiated upgrades, since the bug is exploited by users already on the endpoint. As a compensating control until patching completes, restrict shared/multi-user macOS workstations where untrusted local accounts could reach the automation bridge, and audit any local accounts on devices running Prisma Browser; disabling the browser's automation/IPC bridge is not a documented vendor workaround and would likely break legitimate enterprise integrations, so patching is strongly preferred over interface-level mitigations.
More in Prisma Browser
View allLocal code injection in Palo Alto Networks Prisma Browser on macOS lets an authenticated non-admin user abuse an exposed
Policy bypass in Palo Alto Networks Prisma® Browser allows a locally authenticated non-admin user to circumvent access a
Privilege escalation in Palo Alto Networks Prisma® Browser on macOS enables a locally authenticated administrator with a
Same weakness CWE-424 – Improper Protection of Alternate Path
View allSame technique Authentication Bypass
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-30062
GHSA-7wx2-94c7-j77h