CVE Catalog

CVE-2026-0245

MediumCVSS 5.5
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.14%

4th percentile - higher than 4% of all known CVEs

Summary

Multiple information disclosure vulnerabilities in Prisma Access Agent allow a local user to access sensitive configuration data and credentials. The vulnerability affects the agent on Windows and macOS systems.

Risk Assessment

The organization is at risk of leaking sensitive configuration data and credentials, which could lead to unauthorized access to the corporate network and resources.

Recommendation

Immediately update Prisma Access Agent to the latest version available from the vendor and restrict local access to systems where the agent is installed.

Original NVD description (English source)

Multiple information disclosure vulnerabilities in Prisma Access Agent® allow a local user to access sensitive configuration data and credentials. The Prisma Access Agent on Linux, ChromeOS, Android, and iOS are not affected.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS