GHSA-3jgm-qfwg-p235HighCVSS 7.8
Idira Endpoint Privilege Manager Agent versions prior to 26.5 exhibit improper access control...
🔗 CVE IDs covered (1)
📋 Description
Idira Endpoint Privilege Manager Agent versions prior to 26.5 exhibit improper access control within internal agent validation processes. A local attacker could potentially bypass built-in security controls or cryptographic validations. Under specific circumstances, this could allow the attacker to circumvent agent self-defense mechanisms and execute unauthorized operations. CyberArk Security Bulletin: CA26-19
🔗 References (5)
- https://nvd.nist.gov/vuln/detail/CVE-2026-45175
- https://docs.cyberark.com/epm/latest/en/content/release%20notes/rn-os-linux.htm#Version2650control
- https://docs.cyberark.com/epm/latest/en/content/release%20notes/rn-os-macos.htm#Version2650
- https://docs.cyberark.com/epm/latest/en/content/release%20notes/rn-os-windows.htm#Version2650
- https://github.com/advisories/GHSA-3jgm-qfwg-p235