Auth Bypass in Prisma Access Agent Endpoint DLP Component
CVE-2026-0247 Published on May 13, 2026

Prisma Access Agent Endpoint DLP: Authorization Bypass Vulnerabilities
Multiple authorization bypass vulnerabilities in the Endpoint DLP component of Prisma Access Agent® allow a local attacker to bypass authentication controls and execute privileged operations.

Vendor Advisory NVD

Timeline

Initial publication.

Weakness Type

Missing Authentication for Critical Function

The software does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.


Products Associated with CVE-2026-0247

Want to know whenever a new CVE is published for Palo Alto Networks Prisma Access Agent? stack.watch will email you.

Palo Alto Networks Prisma Access Agent
 

Affected Versions

Palo Alto Networks Prisma Access Agent: