Skip to main content

Trust Protection Foundation EUVDEUVD-2026-30093

| CVE-2026-0241 MEDIUM
Improper Check for Unusual or Exceptional Conditions (CWE-754)
2026-05-13 palo_alto GHSA-4q7p-q2qv-66rm
5.1
CVSS 4.0 · Vendor: palo_alto
Share

Severity by source

Vendor (palo_alto) PRIMARY
5.1 MEDIUM
CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:H/SC:L/SI:L/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:U/V:D/RE:M/U:Amber

Primary rating from Vendor (palo_alto) · only source for this CVE.

CVSS VectorVendor: palo_alto

CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:H/SC:L/SI:L/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:U/V:D/RE:M/U:Amber
Attack Vector
Adjacent
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
X

Lifecycle Timeline

3
Analysis Generated
Jun 08, 2026 - 10:42 vuln.today
Patch available
May 13, 2026 - 20:02 EUVD
CVSS changed
May 13, 2026 - 19:22 NVD
5.1 (MEDIUM)

DescriptionCVE.org

Incorrect Authorization vulnerabilities in Trust Protection Foundation allow attackers to bypass access controls and perform unauthorized actions on restricted resources.

AnalysisAI

Incorrect Authorization in Palo Alto Networks Trust Protection Foundation allows adjacent-network unauthenticated attackers to bypass access controls and perform unauthorized actions against restricted resources. Affected version branches include 24.1.x, 24.3.x, 25.1.x, and 25.3.x, with fixed builds available from Palo Alto Networks. No public exploit identified at time of analysis, EPSS sits at the 1st percentile (0.01%), and SSVC rates exploitation as none - but the high availability impact component (VA:H in CVSS 4.0) on vulnerable systems makes patching a priority for organizations with exposed deployments.

Technical ContextAI

Trust Protection Foundation is a Palo Alto Networks security product (CPE: cpe:2.3:a:palo_alto_networks:trust_protection_foundation:*:*:*:*:*:*:*:*) designed to enforce access and trust policies. The assigned root cause is CWE-754 (Improper Check for Unusual or Exceptional Conditions), which describes failures to validate or handle edge-case or exceptional states in program logic - notably, this diverges from the more typical CWE-863 (Incorrect Authorization) that the description implies. This discrepancy suggests the authorization bypass may be triggered by supplying unusual or malformed inputs that cause the access-control evaluation path to be skipped or short-circuited. The CVSS 4.0 vector specifies AV:A (Adjacent), meaning exploitation requires the attacker to be on the same logical network segment or broadcast domain as the target, materially constraining the internet-accessible attack surface.

RemediationAI

Vendor-released patches are available for all affected branches: upgrade Trust Protection Foundation to 24.1.13, 24.3.6, 25.1.8, or 25.3.3, depending on the deployed branch. The official Palo Alto Networks advisory at https://security.paloaltonetworks.com/CVE-2026-0241 contains upgrade guidance and should be consulted for any deployment-specific considerations. As the CVSS vector requires AV:A (adjacent network), a compensating control for organizations unable to patch immediately is to enforce network segmentation that restricts adjacent access to Trust Protection Foundation nodes - for example, placing the product behind a dedicated management VLAN accessible only from authorized hosts. This reduces the exploitable population without disabling product functionality, though it does not eliminate the vulnerability. There are no known functional side effects of the available patches based on vendor-disclosed data.

Share

EUVD-2026-30093 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy