Prisma Access Agent: Improper Certificate Validation on iOS
Summary
| CVE | CVE-2026-0277 |
|---|---|
| State | PUBLISHED |
| Assigner | palo_alto |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2026-07-09 20:16:24 UTC |
| Updated | 2026-07-10 17:49:57 UTC |
| Description | An improper certificate validation vulnerability in the Prisma® Access Agent for iOS enables an attacker to perform a man-in-the-middle (MitM) attack to intercept VPN traffic. The Prisma Access Agent on Windows, macOS, Linux, Android and ChromeOS are not affected. |
Risk And Classification
Primary CVSS: v4.0 5.7 MEDIUM from [email protected]
CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:P/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:U/V:D/RE:M/U:Amber
EPSS: 0.001250000 probability, percentile 0.025940000 (date 2026-07-12)
Problem Types: CWE-295 | CWE-295 CWE-295 Improper Certificate Validation
| Version | Source | Type | Score | Severity | Vector |
|---|---|---|---|---|---|
| 4.0 | [email protected] | Secondary | 5.7 | MEDIUM | CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:P/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N/E:U/C... |
| 4.0 | CNA | CVSS | 5.7 | MEDIUM | CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:P/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N/E:U/A... |
CVSS v4.0 Breakdown
CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:P/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:U/V:D/RE:M/U:Amber
Vendor Declared Affected Products
| Source | Vendor | Product | Version | Platforms |
|---|---|---|---|---|
| CNA | Palo Alto Networks | Prisma Access Agent | affected 26.2.1 custom | iOS |
| CNA | Palo Alto Networks | Prisma Access Agent | unaffected All custom | Linux, Windows, macOS, Android, ChromeOS |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| security.paloaltonetworks.com/CVE-2026-0277 | [email protected] | security.paloaltonetworks.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
Vendor Comments And Credit
Discovery Credit
CNA: our internal security research teams (en)
Additional Advisory Data
| Source | Time | Event |
|---|---|---|
| CNA | 2026-07-08T16:00:00.000Z | Initial Publication |
Solutions
CNA: Version Minor Version Suggested Solution Prisma Access Agent on iOS 25.0 through 26.2 Upgrade to 26.2.1 or later. Prisma Access Agent on Linux No action needed.Prisma Access Agent on Windows No action needed.Prisma Access Agent on macOS No action needed.Prisma Access Agent on Android No action needed.Prisma Access Agent on ChromeOS No action needed.
Workarounds
CNA: No known workarounds exist for this issue.
Exploits
CNA: Palo Alto Networks is not aware of any malicious exploitation of this issue.