Vulnerability in Palo Alto Networks Prisma Sd-wan Ion

CVE-2026-0244

An improper certificate validation vulnerability in the Palo Alto Networks Prisma SD-WAN ION enables man-in-the-middle (MitM) attacker to impersonate the controller.

Vulnerability class: Improper Certificate Validation

EPSS: 0.000 (0.6th percentile) — read the EPSS interpretation.

Affected products

Palo Alto Networks Prisma Sd-wan Ion — versions 6.5.0, 6.4.0, 6.3.0

Weakness classification (CWE)

CWE-295 — Improper Certificate Validation

References

psirt@paloaltonetworks.com (vendor-advisory)