CVE-2026-0248— Prisma Access Agent: Improper Certificate Validation Vulnerability
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2026-0248
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Prisma Access Agent: Improper Certificate Validation Vulnerability
Source: NVD (National Vulnerability Database)
Vulnerability Description
An improper certificate validation vulnerability in the Prisma Access Agent® for Android and Chrome OS enables an attacker to perform a man-in-the-middle (MitM) attack to intercept VPN traffic. By presenting a certificate for any domain issued by a trusted Certificate Authority, the attacker can capture sensitive device information. The Prisma Access Agent on macOS, Windows, Linux and iOS are not affected.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
证书验证不恰当
Source: NVD (National Vulnerability Database)
Vulnerability Title
Palo Alto Networks Prisma Access Agent 信任管理问题漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Palo Alto Networks Prisma Access Agent是美国派拓网络(Palo Alto Networks)公司的一个零信任网络访问客户端代理。 Palo Alto Networks Prisma Access Agent for Android和Chrome OS存在信任管理问题漏洞,该漏洞源于证书验证不当,可能导致攻击者执行中间人攻击以拦截VPN流量,通过呈现由可信证书颁发机构颁发的任何域证书,攻击者可捕获敏感设备信息。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| Palo Alto Networks | Prisma Access Agent | 0 ~ 26.2.1 | - | |
| Palo Alto Networks | Prisma Access Agent | - | - |
II. Public POCs for CVE-2026-0248
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2026-0248
请登录查看更多情报信息。
Same Patch Batch · Palo Alto Networks · 2026-05-13 · 26 CVEs total
| CVE-2026-0256 | PAN-OS: Stored Cross-Site Scripting (XSS) Vulnerability in the Web Interface | |
| CVE-2026-0242 | Trust Protection Foundation: SQL Injection Vulnerability | |
| CVE-2026-0258 | PAN-OS: Server-Side Request Forgery (SSRF) in IKEv2 Certificate URL Fetching | |
| CVE-2026-0245 | Prisma Access Agent: Information Disclosure Vulnerabilities | |
| CVE-2026-0259 | WildFire WF-500 and WF-500-B: Arbitrary File Read and Delete Vulnerability in WildFire App | |
| CVE-2026-0236 | Prisma Browser: Code Injection Enables Security Controls Bypass | |
| CVE-2026-0241 | Trust Protection Foundation: Multiple Authorization Bypass Vulnerabilities | |
| CVE-2026-0261 | PAN-OS: Authenticated Admin Command Injection Vulnerability | |
| CVE-2026-0265 | PAN-OS: Authentication Bypass with Cloud Authentication Service (CAS) enabled | |
| CVE-2026-0243 | Prisma SD-WAN: Denial of Service (DoS) Vulnerability Through IPv6 Crafted Packet | |
| CVE-2026-0262 | PAN-OS: Denial of Service Vulnerabilities in Network Traffic Parsing | |
| CVE-2026-0237 | Prisma Browser: Improperly Restricted Automation Bridge Allows Security Bypass | |
| CVE-2026-0247 | Prisma Access Agent Endpoint DLP: Authorization Bypass Vulnerabilities | |
| CVE-2026-0250 | GlobalProtect App: Buffer Overflow Vulnerability during connection to Portal or Gateway | |
| CVE-2026-0238 | Broker VM: Improper Input Validation in Broker VM Certificate and Key Fields | |
| CVE-2026-0264 | PAN-OS: Heap-Based Buffer Overflow in DNS Proxy and DNS Server Allows Unauthenticated Remo | |
| CVE-2026-0235 | Prisma Browser: Access and Data Rule Bypass | |
| CVE-2026-0251 | GlobalProtect App: Local Privilege Escalation Vulnerabilities | |
| CVE-2026-0249 | GlobalProtect App: Certificate Validation Bypass Vulnerabilities | |
| CVE-2026-0240 | Trust Protection Foundation: Sensitive Information Disclosure Vulnerability |
Showing top 20 of 26 CVEs. View all on vendor page → →
IV. Related Vulnerabilities
Same vendor: Palo Alto Networks
- CVE-2026-0243
Prisma SD-WAN: Denial of Service (DoS) Vulnerability Through - CVE-2026-0242
Trust Protection Foundation: SQL Injection Vulnerability - CVE-2026-0244
Prisma SD-WAN: Improper Certificate Validation Vulnerability - CVE-2026-0241
Trust Protection Foundation: Multiple Authorization Bypass V - CVE-2026-0245
Prisma Access Agent: Information Disclosure Vulnerabilities
Same weakness: CWE-295
- CVE-2026-44700
Elixir WebRTC: Missing DTLS peer fingerprint validation in e - CVE-2026-23998
Fleet has a Windows MDM management endpoint authentication b - CVE-2026-32992
cPanel 信任管理问题漏洞 - CVE-2026-44363
Unsafe remote resource fetching in expansion misp-modules - CVE-2026-0244
Prisma SD-WAN: Improper Certificate Validation Vulnerability
V. Comments for CVE-2026-0248
No comments yet