Detections
Analytics
Palo Alto Prisma Access Agent 24.x / 25.x / 26.x < 26.2.1 Multiple Vulnerabilities
high Nessus Plugin ID 314974
Synopsis
A ZTNA/SASE client installed on the remote host is affected by multiple vulnerabilities.Description
The version of Palo Alto Networks Prisma Access Agent installed on the remote host is 24.x, 25.x, or 26.x prior to 26.2.1. It is, therefore, affected by multiple vulnerabilities:- Multiple information disclosure vulnerabilities allow a local user to access sensitive configuration data and credentials. (CVE-2026-0245)
- A vulnerability with a privilege management mechanism enables a locally authenticated non-administrative user to escalate their privileges to root on macOS or NT AUTHORITY\SYSTEM on Windows, allowing arbitrary code execution and access to sensitive information otherwise accessible only to privileged accounts. (CVE-2026-0246)
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
Solution
Upgrade to Palo Alto Networks Prisma Access Agent version 26.2.1 or later.See Also
Plugin Details
Severity: High
ID: 314974
File Name: palo_alto_prisma_access_agent_CVE-2026-0246.nasl
Version: 1.1
Type: Local
Agent: windows, macosx, unix
Family: Misc.
Published: 5/15/2026
Updated: 5/15/2026
Supported Sensors: Nessus Agent, Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 6.7
CVSS v2
Risk Factor: High
Base Score: 7.2
Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C
CVSS Score Source: CVE-2026-0246
CVSS v3
Risk Factor: High
Base Score: 7.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVSS v4
Risk Factor: High
Base Score: 8.5
Vector: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Vulnerability Information
CPE: cpe:/a:palo_alto_networks:prisma_access_agent
Required KB Items: installed_sw/Prisma Access Agent
Patch Publication Date: 5/13/2026
Vulnerability Publication Date: 5/13/2026
Reference Information
CVE: CVE-2026-0245, CVE-2026-0246