Severity by source
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:Amber
Local authenticated user (AV:L/PR:L); description's 'specific circumstances' for the cryptographic-check bypass justifies AC:H; full compromise of the agent yields C/I/A:H with no scope change.
Primary rating from Vendor (palo_alto).
CVSS VectorVendor: palo_alto
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:Amber
Lifecycle Timeline
2DescriptionCVE.org
Idira Endpoint Privilege Manager Agent versions prior to 26.5 exhibit improper access control within internal agent validation processes. A local attacker could potentially bypass built-in security controls or cryptographic validations. Under specific circumstances, this could allow the attacker to circumvent agent self-defense mechanisms and execute unauthorized operations. CyberArk Security Bulletin: CA26-19
AnalysisAI
Local privilege escalation and self-defense bypass in CyberArk (Palo Alto Networks) Idira Endpoint Privilege Manager Agent versions prior to 26.5 allows an authenticated local attacker to circumvent internal cryptographic validation and agent tamper-protection controls. Successful exploitation lets the attacker disable EPM enforcement and execute unauthorized operations on the endpoint, undermining the very privilege-management protections the product is meant to provide. No public exploit identified at time of analysis, and the issue is not listed in CISA KEV.
Technical ContextAI
The affected component is the Idira Endpoint Privilege Manager agent (CPE cpe:2.3:a:cyberark_software,_a_palo_alto_networks_company:idira_endpoint_privilege_manager), an endpoint agent that enforces least-privilege, application control, and self-defense on Windows, macOS, and Linux hosts. CWE-295 (Improper Certificate Validation) indicates that internal validation logic - likely signature, certificate, or token checks used between agent components or between the agent and trusted callers - does not properly verify cryptographic trust, so a local actor able to interact with these internal interfaces can present forged or unverified material and be treated as legitimate. Because the broken check guards self-defense and integrity routines, bypassing it neutralizes the controls the agent itself relies on to resist tampering.
RemediationAI
Vendor-released patch: Idira Endpoint Privilege Manager Agent 26.5 - upgrade all Windows, macOS, and Linux endpoints to 26.5 or later per the release notes linked from CyberArk Security Bulletin CA26-19 (https://docs.cyberark.com/epm/latest/en/content/release%20notes/rn-os-windows.htm#Version2650 and the macOS/Linux equivalents). No vendor workaround is published; until agents are upgraded, compensating controls include tightening EPM policy to deny interactive logon and shell/script execution for non-admin users on sensitive hosts (reduces the population of local attackers who can reach the vulnerable interface, at the cost of usability), monitoring EDR/SIEM telemetry for EPM service stops, driver unloads, or tamper events that indicate self-defense bypass, and enforcing application-control allow-lists outside EPM (e.g. WDAC, Gatekeeper, SELinux) so that disabling the agent does not immediately grant arbitrary code execution.
Local privilege escalation in CyberArk (Idira) Endpoint Privilege Manager Agent versions prior to 26.5 allows low-privil
Local privilege/integrity compromise in CyberArk Idira Endpoint Privilege Manager Linux Agent versions prior to 26.5 all
Same weakness CWE-295 – Improper Certificate Validation
View allSame technique Authentication Bypass
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-36304
GHSA-3jgm-qfwg-p235