Cyber Resilience

CVE-2026-45175

HighUpdated

Published: 11 June 2026

Published
11 June 2026
Modified
22 June 2026
KEV Added
Patch
CVSS Score v4 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:Amber
EPSS Score 0.0013 2.9th percentile
Risk Priority 55 floored blend · peak EPSS

Summary

CVE-2026-45175 is a high-severity Improper Certificate Validation (CWE-295) vulnerability in Paloaltonetworks Idira Endpoint Privilege Manager. Its CVSS base score is 8.5 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068); ranked at the 2.9th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

OWASP Top 10 for Web (2025)

EU & UK References

Vulnerability details

Idira Endpoint Privilege Manager Agent versions prior to 26.5 exhibit improper access control within internal agent validation processes. A local attacker could potentially bypass built-in security controls or cryptographic validations. Under specific circumstances, this could allow the attacker to circumvent…

more

agent self-defense mechanisms and execute unauthorized operations. CyberArk Security Bulletin: CA26-19

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1068 Exploitation for Privilege Escalation Privilege Escalation
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.
T1548 Abuse Elevation Control Mechanism Privilege Escalation
Adversaries may circumvent mechanisms designed to control privilege elevation to gain higher-level permissions.
Why these techniques?

Local bypass of EPM agent validation/self-defense directly enables privilege escalation via abuse of elevation controls.

Confidence: MEDIUM · MITRE ATT&CK Enterprise v19.0

Affected Assets

paloaltonetworks
idira endpoint privilege manager
≤ 26.5.0

Mitigating Controls

Likely Mitigating Controls AI

Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.

addresses: CWE-295

When certificates are used to establish component provenance, the control requires correct certificate validation procedures.

addresses: CWE-295

Mandates approved trust anchors and issuance policies, directly preventing acceptance of unvalidated or untrusted certificates.

addresses: CWE-295

Correct system time is required for proper enforcement of certificate notBefore/notAfter dates and time-based revocation checks.

References