Idira Endpoint Privilege Manager
Monthly
Local privilege/integrity compromise in CyberArk Idira Endpoint Privilege Manager Linux Agent versions prior to 26.5 allows an authenticated local attacker to interfere with the agent daemon's initialization sequence, potentially undermining the endpoint privilege controls the product is meant to enforce. The CVSS 4.0 score of 8.5 reflects high impact on confidentiality, integrity, and availability of the vulnerable system, though exploitation requires existing local access with low privileges. No public exploit identified at time of analysis and the issue is not listed in CISA KEV.
Local privilege escalation and self-defense bypass in CyberArk (Palo Alto Networks) Idira Endpoint Privilege Manager Agent versions prior to 26.5 allows an authenticated local attacker to circumvent internal cryptographic validation and agent tamper-protection controls. Successful exploitation lets the attacker disable EPM enforcement and execute unauthorized operations on the endpoint, undermining the very privilege-management protections the product is meant to provide. No public exploit identified at time of analysis, and the issue is not listed in CISA KEV.
Local privilege escalation in CyberArk (Idira) Endpoint Privilege Manager Agent versions prior to 26.5 allows low-privileged users on Windows, macOS, and Linux endpoints to abuse improper access controls in high-privileged agent components and execute actions with elevated privileges. The flaw was reported by Palo Alto Networks (CyberArk's parent) and addressed in agent version 26.5.0, with no public exploit identified at time of analysis. Because EPM is itself a privilege-management control, a bypass directly undermines the security posture of every endpoint where it is deployed.
Local privilege/integrity compromise in CyberArk Idira Endpoint Privilege Manager Linux Agent versions prior to 26.5 allows an authenticated local attacker to interfere with the agent daemon's initialization sequence, potentially undermining the endpoint privilege controls the product is meant to enforce. The CVSS 4.0 score of 8.5 reflects high impact on confidentiality, integrity, and availability of the vulnerable system, though exploitation requires existing local access with low privileges. No public exploit identified at time of analysis and the issue is not listed in CISA KEV.
Local privilege escalation and self-defense bypass in CyberArk (Palo Alto Networks) Idira Endpoint Privilege Manager Agent versions prior to 26.5 allows an authenticated local attacker to circumvent internal cryptographic validation and agent tamper-protection controls. Successful exploitation lets the attacker disable EPM enforcement and execute unauthorized operations on the endpoint, undermining the very privilege-management protections the product is meant to provide. No public exploit identified at time of analysis, and the issue is not listed in CISA KEV.
Local privilege escalation in CyberArk (Idira) Endpoint Privilege Manager Agent versions prior to 26.5 allows low-privileged users on Windows, macOS, and Linux endpoints to abuse improper access controls in high-privileged agent components and execute actions with elevated privileges. The flaw was reported by Palo Alto Networks (CyberArk's parent) and addressed in agent version 26.5.0, with no public exploit identified at time of analysis. Because EPM is itself a privilege-management control, a bypass directly undermines the security posture of every endpoint where it is deployed.