216.73.217.50

CVE-2026-4761

· Published 25/03/2026 13:16 · Modified 26/03/2026 10:16

Labels: CVE-2026-4761 2026-03-2530aa36b7-a224-4bc9-b7d3-abea20aa4887CVE-2026-4761CWE-732

Essential information

Published
25/03/2026 13:16
Modified
26/03/2026 10:16
Author
Creator
CVSS
3.3 LOW (v3) 3.3 LOW (v4.0)
CISA KEV
No
CWE
CVSS vector

CVSS metrics

Description

When a certificate and its private key are installed in the Windows machine certificate store using Network and Security tool, access rights to the private key are unnecessarily granted to the operator group. * Installations based on Panorama Suite 2025 (25.00.004) are vulnerable unless update PS-2500-00-0357 (or higher) is installed * Installations based on Panorama Suite 2025 Updated Dec. 25 (25.10.007) are not vulnerable Please refer to security bulletin BS-036, available on the Panorama CSIRT website: https://my.codra.net/en-gb/csirt.

NVD status

Status
Awaiting Analysis — CVE has been recently published to the CVE List and has been received by the NVD.
Source
30aa36b7-a224-4bc9-b7d3-abea20aa4887
NVD
View on NVD

Affected products (CPE)

ProductCPE
panorama / panorama suite cpe:2.3:a:panorama:panorama_suite:25.00.004:*:*:*:*:*:*:*
panorama / panorama suite cpe:2.3:a:panorama:panorama_suite:<25.10.007:*:*:*:*:*:*:*

References