Severity by source
CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:L/SI:L/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:A/V:D/RE:M/U:Amber
Primary rating from Vendor (palo_alto) · only source for this CVE.
CVSS VectorVendor: palo_alto
CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:L/SI:L/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:A/V:D/RE:M/U:Amber
Lifecycle Timeline
4DescriptionCVE.org
An improper certificate validation vulnerability in the Prisma Access Agent® for Android and Chrome OS enables an attacker to perform a man-in-the-middle (MitM) attack to intercept VPN traffic. By presenting a certificate for any domain issued by a trusted Certificate Authority, the attacker can capture sensitive device information.
The Prisma Access Agent on macOS, Windows, Linux and iOS are not affected.
AnalysisAI
Improper certificate validation in Palo Alto Networks Prisma Access Agent versions below 26.2.1 on Android and Chrome OS exposes VPN sessions to man-in-the-middle interception by adjacent-network attackers. An attacker co-located on the same network segment can present any certificate for any domain issued by a trusted Certificate Authority - bypassing domain-specific validation - to intercept VPN tunnel traffic and capture sensitive device information. No public exploit code exists and no active exploitation has been confirmed (EPSS 0.00%, not in CISA KEV); however, a vendor patch is available at version 26.2.1 and should be prioritized for mobile and Chrome OS deployments.
Technical ContextAI
The root cause is CWE-295 (Improper Certificate Validation): the Prisma Access Agent VPN client on Android and Chrome OS fails to enforce that the TLS certificate presented by a peer corresponds to the expected VPN gateway endpoint. Because it accepts any certificate signed by a system-trusted Certificate Authority - regardless of the Subject/SAN domain - an attacker who can position themselves at the network layer can substitute a fraudulent certificate without triggering a validation failure. This class of flaw typically arises from missing hostname verification or improper trust anchor pinning in the VPN tunnel establishment logic. The affected CPE is cpe:2.3:a:palo_alto_networks:prisma_access_agent:*:*:*:*:*:*:*:* covering all versions prior to 26.2.1. The vulnerability is scoped to the Android and Chrome OS implementations of the agent; Palo Alto Networks explicitly confirms that macOS, Windows, Linux, and iOS agents are not affected, suggesting a platform-specific certificate validation code path is responsible.
RemediationAI
The primary fix is to upgrade Prisma Access Agent to version 26.2.1 or later on all Android and Chrome OS endpoints; this is the vendor-released patch confirmed by EUVD data (EUVD-2026-30099) and the Palo Alto Networks advisory at https://security.paloaltonetworks.com/CVE-2026-0248. Until patching is complete, organizations should enforce a network policy requiring Prisma Access Agent users on Android and Chrome OS to connect only from trusted, controlled network segments (e.g., corporate wired networks or managed Wi-Fi with 802.1X authentication), thereby eliminating the adjacent-network attack surface. Disabling split-tunneling configurations that could route sensitive traffic outside the VPN when on untrusted networks is an additional compensating control, though it does not address the certificate validation flaw itself. Monitoring for unexpected certificate issuances via Certificate Transparency logs for VPN gateway domains may help detect active MitM attempts during the remediation window.
More in Prisma Access Agent
View allPrivilege escalation in Palo Alto Networks Prisma Access Agent on Linux allows a locally authenticated low-privileged us
Authorization bypass in Palo Alto Networks Prisma Access Agent's Endpoint DLP component permits a locally authenticated
Local privilege escalation in Palo Alto Networks Prisma Access Agent (all versions prior to 26.2.1) allows any locally a
Multiple protection mechanism failures in the Data Loss Prevention (DLP) component of Palo Alto Networks Prisma Access A
Improper certificate validation in the Palo Alto Networks Prisma Access Agent for iOS exposes VPN tunnel traffic to inte
Security control bypass in Palo Alto Networks Prisma Access Agent for Linux enables a local, low-privileged attacker to
Prisma Access Agent on Windows and macOS exposes sensitive configuration data and credentials to local low-privileged us
Same weakness CWE-295 – Improper Certificate Validation
View allSame technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-30099
GHSA-jgxc-qhw9-rf7c