CVE-2026-0245
MediumCVSS 5.5Exploitation Probability (EPSS)
Low risk4th percentile - higher than 4% of all known CVEs
Summary
Multiple information disclosure vulnerabilities in Prisma Access Agent allow a local user to access sensitive configuration data and credentials. The vulnerability affects the agent on Windows and macOS systems.
Risk Assessment
The organization is at risk of leaking sensitive configuration data and credentials, which could lead to unauthorized access to the corporate network and resources.
Recommendation
Immediately update Prisma Access Agent to the latest version available from the vendor and restrict local access to systems where the agent is installed.
Original NVD description (English source)
Multiple information disclosure vulnerabilities in Prisma Access Agent® allow a local user to access sensitive configuration data and credentials. The Prisma Access Agent on Linux, ChromeOS, Android, and iOS are not affected.

