CVE-2025-0139 Autonomous Digital Experience Manager: Privilege Escalation (PE) Vulnerability
Exploit Maturity: UNREPORTED
Response Effort: MODERATE
Recovery: USER
Value Density: DIFFUSE
Attack Vector: LOCAL
Attack Complexity: LOW
Attack Requirements: NONE
Automatable: NO
User Interaction: NONE
Product Confidentiality: NONE
Product Integrity: LOW
Product Availability: NONE
Privileges Required: LOW
Subsequent Confidentiality: HIGH
Subsequent Integrity: HIGH
Subsequent Availability: HIGH
Description
An incorrect privilege assignment vulnerability in Palo Alto Networks Autonomous Digital Experience Manager allows a locally authenticated low privileged user on macOS endpoints to escalate their privileges to root.
Product Status
Versions | Affected | Unaffected |
---|---|---|
Autonomous Digital Experience Manager 5.6.0 | < 5.6.7 on macOS | >= 5.6.7 on macOS |
Required Configuration for Exposure
No special configuration is required to be vulnerable to this issue.
Severity: LOW, Suggested Urgency: MODERATE
CVSS-BT: 2.4 / CVSS-B: 6.3 (CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:H/SI:H/SA:H/E:U/AU:N/R:U/V:D/RE:M/U:Amber)
Exploitation Status
Palo Alto Networks is not aware of any malicious exploitation of this issue.
Weakness Type and Impact
CWE-266 Incorrect Privilege Assignment
CAPEC-233 Privilege Escalation
Solution
Version | Minor Version | Suggested Solution |
---|---|---|
Autonomous Digital Experience Manager 5.6 on macOS | 5.6.0 through 5.6.6 | Upgrade to 5.6.7 or later. |
Workarounds and Mitigations
There are no known workarounds or mitigations for this issue.
Acknowledgments
Palo Alto Networks thanks NVIDIA PSIRT for discovering and reporting this issue.
CPE Applicability
- cpe:2.3:a:palo_alto_networks:autonomous_digital_experience_manager:*:*:*:*:*:macOS:*:* is vulnerable from (including) 5.6.0 and up to (excluding) 5.6.7
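An added example, not from Palo Alto Networks: triaging an endpoint inventory export against the affected range stated above (5.6.0 inclusive to 5.6.7 exclusive, macOS only). The CSV columns, host names and version strings are constructed, and the agent version is assumed to come from existing inventory tooling.

```python
import csv
import io
import re

# Range and platform come from the advisory; all sample data below is constructed.
AFFECTED_FROM = (5, 6, 0)   # including
FIXED_IN = (5, 6, 7)        # excluding
PLATFORM = "macos"


def parse_version(text):
    """Return (major, minor, patch) as ints, or None if the string does not start with N.N.N."""
    m = re.match(r"^\s*(\d+)\.(\d+)\.(\d+)", text or "")
    return tuple(int(g) for g in m.groups()) if m else None


def classify(os_name, version_text):
    """Map one inventory row to a triage status for CVE-2025-0139."""
    if (os_name or "").strip().lower() != PLATFORM:
        return "not-applicable"      # advisory covers macOS endpoints only
    v = parse_version(version_text)
    if v is None:
        return "unknown"             # needs manual follow-up
    if AFFECTED_FROM <= v < FIXED_IN:
        return "vulnerable"          # upgrade to 5.6.7 or later
    if v >= FIXED_IN:
        return "unaffected"
    return "not-listed"              # below 5.6.0: the advisory makes no statement


def triage(csv_text):
    """Return {host: status} for a CSV with host, os and adem_version columns."""
    rows = csv.DictReader(io.StringIO(csv_text))
    return {r["host"]: classify(r["os"], r["adem_version"]) for r in rows}


# Constructed inventory export. 5.6.10 is the case a plain string comparison gets wrong.
SAMPLE = """host,os,adem_version
mac-001,macOS,5.6.3
mac-002,macOS,5.6.7
mac-003,macOS,5.6.10
mac-004,macOS,5.6.6-b12
mac-005,macOS,5.4.2
mac-006,macOS,
win-001,Windows,5.6.3
"""

if __name__ == "__main__":
    for host, status in triage(SAMPLE).items():
        print(f"{host}\t{status}")
```
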
Timeline
Initial Publication