CVE-2026-45176
HighCVSS 7.8Exploitation Probability (EPSS)
Low risk2th percentile - higher than 2% of all known CVEs
Summary
Idira Endpoint Privilege Manager Agent versions prior to 26.5 exhibit improper access control within high-privileged agent components. A local, low-privileged attacker could exploit this by manipulating an internal communication mechanism or file operation.
Risk Assessment
This could potentially allow the attacker to bypass permission restrictions and execute unauthorized local actions with elevated privileges, posing a serious security risk to the system.
Recommendation
It is recommended to upgrade to version 26.5 or later to mitigate this vulnerability and implement additional security measures to protect against local attacks.
Original NVD description (English source)
Idira Endpoint Privilege Manager Agent versions prior to 26.5 exhibit improper access control within high-privileged agent components. A local, low-privileged attacker could exploit this by manipulating an internal communication mechanism or file operation. Under specific circumstances, this could potentially allow the attacker to bypass permission restrictions and execute unauthorized local actions with elevated privileges. CyberArk Security Bulletin: CA26-19

