Vulnerability in Palo Alto Networks Prisma Access Agent

CVE-2026-0248

An improper certificate validation vulnerability in the Prisma Access Agent® for Android and Chrome OS enables an attacker to perform a man-in-the-middle (MitM) attack to intercept VPN traffic. By presenting a certificate for any domain is…

Vulnerability class: Improper Certificate Validation

EPSS: 0.000 (0.6th percentile) — read the EPSS interpretation.

Affected products

Palo Alto Networks Prisma Access Agent — versions 0, All

Weakness classification (CWE)

CWE-295 — Improper Certificate Validation

References

psirt@paloaltonetworks.com (vendor-advisory)