CVE-2026-0236 Overview
CVE-2026-0236 is a code injection vulnerability [CWE-94] in Palo Alto Networks Prisma® Browser on macOS. The browser fails to properly restrict access to its AppleScript interface. A locally authenticated non-admin user can leverage the exposed Apple Event handler to send unauthorized commands to the browser. This enables an attacker with local access to drive browser behavior outside of the user's intent. The flaw affects confidentiality and integrity of browser sessions and the data they handle.
Critical Impact
A local, non-admin user can issue unauthorized AppleScript commands to Prisma Browser, leading to code injection with high confidentiality and integrity impact on browser data and sessions.
Affected Products
- Palo Alto Networks Prisma® Browser on macOS
Discovery Timeline
- 2026-05-13 - CVE-2026-0236 published to NVD
- 2026-05-13 - Last updated in NVD database
Technical Details for CVE-2026-0236
Vulnerability Analysis
The vulnerability resides in how Prisma® Browser exposes its AppleScript interface on macOS. macOS applications can declare an sdef (scripting definition) that registers Apple Event handlers. These handlers accept commands from any local process that can dispatch Apple Events. Prisma Browser does not properly restrict which callers may invoke its scripting interface. A locally authenticated non-admin user can therefore send Apple Events that the browser executes as if they were issued by the user. The classification is code injection [CWE-94] because attacker-supplied input is interpreted as browser commands rather than data.
Root Cause
The root cause is missing access control on the AppleScript scripting bridge. The browser registers an Apple Event handler without validating the origin or privilege of the caller. Any process running in the user's session can therefore script the browser, including processes spawned by a less privileged local user. The CWE-94 classification reflects that scripted commands are evaluated by the application without an authorization boundary.
Attack Vector
Exploitation requires local access and a low-privileged authenticated session. The attacker writes an AppleScript or uses osascript to send Apple Events to Prisma Browser. Through the exposed handler, the attacker can drive navigation, read or manipulate browser content, or trigger actions that the legitimate user is authorized to perform. The attack does not require user interaction once the script is delivered. Because the attack vector is local, network-based exploitation is not in scope.
No verified public exploit code is available. See the Palo Alto Networks CVE-2026-0236 Advisory for vendor technical details.
Detection Methods for CVE-2026-0236
Indicators of Compromise
- Unexpected execution of osascript or AppleScript-bearing processes targeting the Prisma Browser bundle identifier.
- Apple Events sent to Prisma Browser from processes that are not user-initiated GUI applications.
- Anomalous browser navigation, tab creation, or content access events with no correlated user input.
Detection Strategies
- Monitor macOS endpoint telemetry for osascript invocations and NSAppleScript API usage that target Prisma Browser.
- Correlate Apple Event activity with the originating process tree to identify scripting from non-interactive or low-privileged users.
- Alert on cross-user Apple Event delivery, where a local non-admin account scripts an application running in another session context.
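The correlation described in the strategies above, as an added example that is not part of the vendor advisory or any product's own code. The event schema, the sample events, the "Prisma Browser" application and bundle names, and the bundle-identifier placeholder are assumptions constructed for illustration.

```python
import json

# Constructed sample exec events in a hypothetical schema (not a real EDR or
# Endpoint Security export format). One JSON object per line.
SAMPLE_EVENTS = r"""
{"pid": 100, "ppid": 1, "uid": 501, "path": "/Applications/Prisma Browser.app/Contents/MacOS/Prisma Browser", "args": []}
{"pid": 210, "ppid": 1, "uid": 501, "path": "/System/Applications/Utilities/Terminal.app/Contents/MacOS/Terminal", "args": []}
{"pid": 211, "ppid": 210, "uid": 501, "path": "/bin/zsh", "args": ["-l"]}
{"pid": 212, "ppid": 211, "uid": 501, "path": "/usr/bin/osascript", "args": ["-e", "tell application \"Prisma Browser\" to activate"]}
{"pid": 300, "ppid": 1, "uid": 0, "path": "/usr/sbin/sshd", "args": []}
{"pid": 301, "ppid": 300, "uid": 502, "path": "/bin/sh", "args": ["-c", "job.sh"]}
{"pid": 302, "ppid": 301, "uid": 502, "path": "/usr/bin/osascript", "args": ["-e", "tell application \"Prisma Browser\" to activate"]}
{"pid": 400, "ppid": 211, "uid": 501, "path": "/usr/bin/osascript", "args": ["-e", "tell application \"Finder\" to activate"]}
"""

# Strings that mark the browser as the scripting target. The real bundle
# identifier is not given on this page, so a placeholder stands in for it.
TARGET_MARKERS = ("Prisma Browser", "BUNDLE_ID_PLACEHOLDER")
# Assumption: an ancestor inside one of these bundles means a user-driven shell.
INTERACTIVE_ANCESTORS = ("Terminal.app/",)

def detect(raw_events):
    """Return osascript executions that target the browser, with triage reasons."""
    events = [json.loads(line) for line in raw_events.splitlines() if line.strip()]
    by_pid = {e["pid"]: e for e in events}
    # UIDs that own a running browser process (bundle name is an assumption).
    browser_uids = {e["uid"] for e in events if "Prisma Browser.app/" in e["path"]}
    hits = []
    for e in events:
        if not e["path"].endswith("/osascript"):
            continue
        if not any(m in arg for arg in e["args"] for m in TARGET_MARKERS):
            continue
        # Walk the parent chain to rebuild the originating process tree.
        chain, cur = [], e
        while cur["ppid"] in by_pid and len(chain) < 32:
            cur = by_pid[cur["ppid"]]
            chain.append(cur["path"])
        reasons = []
        if not any(g in p for p in chain for g in INTERACTIVE_ANCESTORS):
            reasons.append("non-interactive process tree")
        if browser_uids and e["uid"] not in browser_uids:
            reasons.append("cross-user")
        hits.append({"pid": e["pid"], "uid": e["uid"], "chain": chain, "reasons": reasons})
    return hits
```

A hit with an empty reasons list is an osascript call from the browser owner's own interactive shell and is a review item rather than an alert. Command-line matching does not see Apple Events sent through NSAppleScript or other APIs, which need separate telemetry.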
Monitoring Recommendations
- Enable Endpoint Security framework auditing for process exec events and AppleScript-related binaries on macOS.
- Centralize macOS Unified Log events related to AppleEvents and tccd decisions for review.
- Track browser process behavior for command-driven actions that lack corresponding user input events.
How to Mitigate CVE-2026-0236
Immediate Actions Required
- Update Prisma® Browser on macOS to the fixed version listed in the vendor advisory as soon as it is available.
- Restrict local interactive logins on shared macOS hosts to trusted users only.
- Audit which local accounts have shell or scripting access to systems running Prisma Browser.
Patch Information
Palo Alto Networks has published advisory details at the Palo Alto Networks CVE-2026-0236 Advisory. Apply the fixed Prisma® Browser release for macOS identified in that advisory. Confirm the installed version after upgrade and validate that the AppleScript interface is no longer reachable from non-privileged callers.
Workarounds
- Remove or restrict shared use of macOS endpoints running Prisma Browser until patched.
- Use macOS Privacy & Security controls and TCC policies to limit Automation permissions granted to applications and scripts.
- Monitor and block unauthorized osascript execution through endpoint policy where operationally feasible.


