CVE-2026-0233

Summary

A certificate validation vulnerability in Palo Alto Networks Autonomous Digital Experience Manager on Windows allows an unauthenticated attacker with adjacent network access to execute arbitrary code with NT AUTHORITY\SYSTEM privileges.

Affected Software

VendorProductVersion RangeStatus
Palo Alto NetworksAutonomous Digital Experience Manager5.10.0 < 5.10.14affected

Weaknesses

  • CWE-295: CWE-295: Improper Certificate Validation

Workarounds

No known workarounds exist for this issue.

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References