Prisma Sd Wan Ion
Monthly
Denial of service in Palo Alto Networks Prisma SD-WAN ION devices allows an unauthenticated attacker with adjacent network access to crash or disrupt the device by sending a specially crafted IPv6 packet. The vulnerability (CWE-606) exists across three active release branches of the ION software, with fixed versions available from Palo Alto Networks. No public exploit code exists and no active exploitation has been identified at time of analysis, with EPSS at 0.03% and SSVC confirming exploitation status as none.
Improper certificate validation in Palo Alto Networks Prisma SD-WAN ION allows an adjacent-network attacker positioned as a man-in-the-middle to impersonate the SD-WAN controller, achieving high confidentiality, integrity, and availability impact against the vulnerable device. Affected versions span three active release trains (6.3.x, 6.4.x, and 6.5.x), with fixed builds now available from Palo Alto Networks. No public exploit identified at time of analysis, and EPSS sits at 0.00%, but SSVC rates technical impact as total given the controller-impersonation capability.
Denial of service in Palo Alto Networks Prisma SD-WAN ION devices allows an unauthenticated attacker with adjacent network access to crash or disrupt the device by sending a specially crafted IPv6 packet. The vulnerability (CWE-606) exists across three active release branches of the ION software, with fixed versions available from Palo Alto Networks. No public exploit code exists and no active exploitation has been identified at time of analysis, with EPSS at 0.03% and SSVC confirming exploitation status as none.
Improper certificate validation in Palo Alto Networks Prisma SD-WAN ION allows an adjacent-network attacker positioned as a man-in-the-middle to impersonate the SD-WAN controller, achieving high confidentiality, integrity, and availability impact against the vulnerable device. Affected versions span three active release trains (6.3.x, 6.4.x, and 6.5.x), with fixed builds now available from Palo Alto Networks. No public exploit identified at time of analysis, and EPSS sits at 0.00%, but SSVC rates technical impact as total given the controller-impersonation capability.