CVE-2026-0277
Prisma Access Agent: Improper Certificate Validation on iOS
CVSS Score
0.0
EPSS Score
0.1%
EPSS Percentile
3th
An improper certificate validation vulnerability in the Prisma® Access Agent for iOS enables an attacker to perform a man-in-the-middle (MitM) attack to intercept VPN traffic. The Prisma Access Agent on Windows, macOS, Linux, Android and ChromeOS are not affected.
| CWE | CWE-295 |
| Vendor | palo alto networks |
| Product | prisma access agent |
| Published | Jul 9, 2026 |
| Last Updated | Jul 10, 2026 |
Stay Ahead of the Next One
Get instant alerts for palo alto networks prisma access agent
Be the first to know when new unknown vulnerabilities affecting palo alto networks prisma access agent are published — delivered to Slack, Telegram or Discord.
Get Free Alerts →
Free · No credit card · 60 sec setup
Affected Versions
Palo Alto Networks / Prisma Access Agent
0 < 26.2.1
Palo Alto Networks / Prisma Access Agent
All versions affected References
Credits
our internal security research teams