CVE-2026-0241

Description

Incorrect Authorization vulnerabilities in Trust Protection Foundation allow attackers to bypass access controls and perform unauthorized actions on restricted resources.

CVSS breakdown

CVSS 4.0

Attack Vector

Adjacent

Attack Complexity

Low

Attack Requirements

None

Privileges Required

None

User Interaction

None

Confidentiality (Vulnerable System)

Low

Integrity (Vulnerable System)

Low

Availability (Vulnerable System)

High

Confidentiality (Subsequent System)

Low

Integrity (Subsequent System)

Low

Availability (Subsequent System)

None

Unchanged

None

Unchanged

Amber

Affected products

Palo Alto Networks / Trust Protection Foundation25.3.0 – 25.3.3
Palo Alto Networks / Trust Protection Foundation25.1.0 – 25.1.8
Palo Alto Networks / Trust Protection Foundation24.3.0 – 24.3.6
Palo Alto Networks / Trust Protection Foundation24.1.0 – 24.1.13

References

MISChttps://security.paloaltonetworks.com/CVE-2026-0241