PatchSiren cyber security CVE debrief
CVE-2026-0237 Palo Alto Networks CVE debrief
CVE-2026-0237 is an improper protection of alternate path vulnerability in Palo Alto Networks Prisma Browser on macOS. The vulnerability fails to properly restrict access to an internal automation bridge, allowing a locally authenticated non-admin user to send unauthorized commands to the browser, bypassing security controls. This could lead to potential security breaches if not addressed. Administrators and users should be aware of this vulnerability and take necessary actions to mitigate the risk.
- Vendor
- Palo Alto Networks
- Product
- Prisma Browser
- CVSS
- HIGH 7.3
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-05-13
- Original CVE updated
- 2026-07-14
- Advisory published
- 2026-05-13
- Advisory updated
- 2026-07-14
Who should care
Administrators and users of Palo Alto Networks Prisma Browser on macOS should be aware of this vulnerability and take necessary actions to mitigate the risk. This includes applying patches or updates, restricting access to the internal automation bridge, and monitoring for suspicious activity.
Technical summary
The vulnerability has a CVSS score of 7.3 and is classified as HIGH severity. It exists in the Prisma Browser on macOS and can be exploited by a locally authenticated non-admin user. The vulnerability allows the user to leverage an exposed communication channel to send unauthorized commands to the browser, bypassing security controls. This could lead to potential security breaches if not addressed.
Defensive priority
High priority should be given to patching or mitigating this vulnerability, as it can be exploited by a locally authenticated non-admin user.
Recommended defensive actions
- Apply the latest patch or update for Palo Alto Networks Prisma Browser on macOS.
- Restrict access to the internal automation bridge.
- Monitor for suspicious activity and implement compensating controls.
- Verify the integrity of the browser and system configurations.
- Review compensating controls for exposed systems while remediation is scheduled and verified.
- Check relevant monitoring, detection, and logs for exposed assets that need extra review.
- Track exceptions, retest remediated assets, and close the item only after evidence is documented.
Evidence notes
The CVE record was published on 2026-05-13T18:16:12.990Z and was last modified on 2026-07-14T12:45:46.917Z. The NVD entry is currently Analyzed. This vulnerability affects Palo Alto Networks Prisma Browser on macOS, allowing a locally authenticated non-admin user to leverage an exposed communication channel to send unauthorized commands to the browser, bypassing security controls. Evidence is limited to public CVE and NVD information.
Official resources
-
CVE-2026-0237 CVE record
CVE.org
-
CVE-2026-0237 NVD detail
NVD
-
Source item URL
nvd_modified
-
Mitigation or vendor reference
[email protected] - Vendor Advisory
AI-assisted PatchSiren debrief based on the supplied source corpus. The CVE record was published on 2026-05-13T18:16:12.990Z and has not been modified since then. The NVD entry is currently Analyzed.