Palo Alto Networks Prisma Access Agent
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Palo Alto Networks Prisma Access Agent.
By the Year
In 2026 there have been 4 vulnerabilities in Palo Alto Networks Prisma Access Agent.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 4 | 0.00 |
It may take a day or so for new Prisma Access Agent vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Palo Alto Networks Prisma Access Agent Security Vulnerabilities
Improper Cert Validation in Prisma Access Agent for Android Enables MitM
CVE-2026-0248
- May 13, 2026
An improper certificate validation vulnerability in the Prisma Access Agent® for Android and Chrome OS enables an attacker to perform a man-in-the-middle (MitM) attack to intercept VPN traffic. By presenting a certificate for any domain issued by a trusted Certificate Authority, the attacker can capture sensitive device information. The Prisma Access Agent on macOS, Windows, Linux and iOS are not affected.
Improper Certificate Validation
Prisma Access Agent Local User Info Disclosure
CVE-2026-0245
- May 13, 2026
Multiple information disclosure vulnerabilities in Prisma Access Agent® allow a local user to access sensitive configuration data and credentials. The Prisma Access Agent on Linux, ChromeOS, Android, and iOS are not affected.
Information Disclosure
Prisma Access Agent Priv Escal to Root / SYSTEM (CVE-2026-0246)
CVE-2026-0246
- May 13, 2026
A vulnerability with a privilege management mechanism in the Palo Alto Networks Prisma Access Agent® enables a locally authenticated non-administrative user to escalate their privileges to root on macOS and Linux or NT AUTHORITY\SYSTEM on Windows. This allows the user to execute arbitrary code and read sensitive information otherwise accessible only to privileged accounts. The Prisma Access Agent on iOS, Android and Chrome OS are not affected.
AuthZ
Auth Bypass in Prisma Access Agent Endpoint DLP Component
CVE-2026-0247
- May 13, 2026
Multiple authorization bypass vulnerabilities in the Endpoint DLP component of Prisma Access Agent® allow a local attacker to bypass authentication controls and execute privileged operations.
Missing Authentication for Critical Function
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Palo Alto Networks Prisma Access Agent or by Palo Alto Networks? Click the Watch button to subscribe.
