Primary

Context

Panorama Suite Unnecessary Permissions on Private Key Certificates Vulnerability

Vulnerability

Patched

A vulnerability exists in Panorama Suite 2025 installations prior to update PS-2500-00-0357, where certificates and their private keys installed via the Network and Security tool are granted unnecessary access rights to the operator group. This issue does not affect installations on Panorama Suite 2025 Updated Dec. 25.

Impact

The vulnerability allows the operator group to access private keys of certain certificates, which could lead to unauthorized use of those keys.

Remediation

Users can update to Panorama Suite 2025 (Updated Dec. 25) or version PS-2500-00-0357 or later. For certificates installed with earlier versions, the private key permissions must be manually corrected by removing the Operators group access. This can be done through the computer certificate management console.

Added: Mar 25, 2026, 1:31 PM

Updated: Mar 25, 2026, 1:31 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.8

exploitability

2.9

remediation

8.3

relevance

4.7

threat

0.0

urgency

5.7

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.8

exploitability

2.9

remediation

8.3

relevance

4.7

threat

0.0

urgency

5.7

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Panorama Suite Unnecessary Permissions on Private Key Certificates Vulnerability

Vulnerability

Impact

Remediation

Affected Products

Codra Panorama Suite

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating