Prisma Browser Windows Screenshot Bypass via Local Auth
CVE-2025-4617 Published on November 14, 2025

Prisma Browser: Insufficient Policy Enforcement Vulnerability in Prisma Browser
An insufficient policy enforcement vulnerability in Palo Alto Networks Prisma® Browser on Windows allows a locally authenticated non-admin user to bypass the screenshot control feature of the browser. Browser self-protection should be enabled to mitigate this issue.


Timeline

Initial Publication

Weakness Type

Improper Protection of Alternate Path

The product does not sufficiently protect all possible paths that a user can take to access restricted functionality or resources.


Products Associated with CVE-2025-4617


Affected Versions

Palo Alto Networks Prisma Browser:

Exploit Probability

EPSS: 0.03%
Percentile: 7.22%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.