CVE-2026-4761

Published: Mar 25, 2026

Modified: Mar 26, 2026

PUBLISHED

Description

When a certificate and its private key are installed in the Windows machine certificate store using Network and Security tool, access rights to the private key are unnecessarily granted to the operator group. * Installations based on Panorama Suite 2025 (25.00.004) are vulnerable unless update PS-2500-00-0357 (or higher) is installed * Installations based on Panorama Suite 2025 Updated Dec. 25 (25.10.007) are not vulnerable Please refer to security bulletin BS-036, available on the Panorama CSIRT website: https://my.codra.net/en-gb/csirt.

Vendor	Product	Versions
CODRA	Panorama Suite	affected `Panorama Suite 2025 - < update PS-2500-00-0357` unaffected `Panorama Suite 2025 Updated Dec. 25`

Weaknesses (CWE)

CWE-732

References

https://my.codra.net/api/csirt/download?resourceId=1469&fileType=FichierPDF

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2026-4761

Description

Affected Products

Weaknesses (CWE)

References