CVE Catalog

CVE-2026-45175

HighCVSS 7.8
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.13%

3th percentile - higher than 3% of all known CVEs

Summary

Idira Endpoint Privilege Manager Agent versions prior to 26.5 exhibit improper access control within internal agent validation processes. A local attacker could potentially bypass built-in security controls or cryptographic validations.

Risk Assessment

Under specific circumstances, this could allow the attacker to circumvent agent self-defense mechanisms and execute unauthorized operations, posing a serious security risk.

Recommendation

It is recommended to upgrade to version 26.5 or later to mitigate this vulnerability and strengthen access control.

Original NVD description (English source)

Idira Endpoint Privilege Manager Agent versions prior to 26.5 exhibit improper access control within internal agent validation processes. A local attacker could potentially bypass built-in security controls or cryptographic validations. Under specific circumstances, this could allow the attacker to circumvent agent self-defense mechanisms and execute unauthorized operations. CyberArk Security Bulletin: CA26-19

Vulnerability data from NVD (NIST) · CISA KEV · EPSS