PatchSiren

PatchSiren cyber security CVE debrief

CVE-2026-0245 Palo Alto Networks CVE debrief

CVE-2026-0245 is a multiple information disclosure vulnerability in Prisma Access Agent, allowing a local user to access sensitive configuration data and credentials. The vulnerability has a CVSS score of 4.3 and a severity of MEDIUM. The Prisma Access Agent on Linux, ChromeOS, Android, and iOS are not affected. This vulnerability affects Windows deployments of Prisma Access Agent. Administrators should review and apply mitigations as necessary.

Vendor
Palo Alto Networks
Product
Prisma Access Agent
CVSS
MEDIUM 4.3
CISA KEV
Not listed in stored evidence
Original CVE published
2026-05-13
Original CVE updated
2026-07-14
Advisory published
2026-05-13
Advisory updated
2026-07-14

Who should care

Administrators and users of Prisma Access Agent on Windows should review and apply mitigations as necessary. This includes verifying and applying vendor-provided patches or updates, monitoring system logs for suspicious activity, and implementing compensating controls to limit access to sensitive data.

Technical summary

CVE-2026-0245 is a multiple information disclosure vulnerability in Prisma Access Agent, allowing a local user to access sensitive configuration data and credentials. The vulnerability has a CVSS score of 4.3 and a severity of MEDIUM. The Prisma Access Agent on Linux, ChromeOS, Android, and iOS are not affected.

Defensive priority

Apply vendor-provided patches or mitigations to prevent exploitation. Monitor system logs for suspicious activity and implement compensating controls to limit access to sensitive data.

Recommended defensive actions

  • Inventory Prisma Access Agent installations on Windows
  • Verify and apply vendor-provided patches or updates
  • Monitor system logs for suspicious activity
  • Implement compensating controls to limit access to sensitive data
  • Review system configurations for potential exposure

Evidence notes

The CVE record and NVD entry provide details on the vulnerability and affected versions. The Prisma Access Agent on Linux, ChromeOS, Android, and iOS are not affected. Evidence is limited, and defenders should verify the affected scope and vendor guidance.

Official resources

AI-assisted PatchSiren debrief based on the supplied source corpus. The CVE record was published on 2026-05-13T19:16:58.450Z and has not been modified since then.