PT-2026-56919 · Palo Alto Networks · Prisma Access Agent
Published
2026-07-09
·
Updated
2026-07-09
·
CVE-2026-0277
CVSS v4.0
5.7
Medium
| Vector | AV:A/AC:L/AT:P/PR:N/UI:P/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:U/V:D/RE:M/U:Amber |
An improper certificate validation vulnerability in the Prisma® Access Agent for iOS enables an attacker to perform a man-in-the-middle (MitM) attack to intercept VPN traffic.
The Prisma Access Agent on Windows, macOS, Linux, Android and ChromeOS are not affected.
Fix
Improper Certificate Validation
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Prisma Access Agent