High7.7Palo Alto Networks
Prisma SD-WAN: improper certificate validation vulnerability in the Palo Alto Networks Prisma SD-WAN ION enables man-in-the-middl…
CVE-2026-0244 Published May 13, 2026Updated by vendor Jun 17, 2026
CVE-2026-0244
Affected products & platforms
Palo Alto NetworksPrisma Access
Summary
An improper certificate validation vulnerability in the Palo Alto Networks Prisma SD-WAN ION enables man-in-the-middle (MitM) attacker to impersonate the controller.
Affected versions
- Prisma SD-WAN ION < 6.5.3-b15
- Prisma SD-WAN ION < 6.4.3-b8
- Prisma SD-WAN ION < 6.3.6-b10
Official advisory · high-confidence parse· fetched 7 hours ago·verify at source
Fixed versions
- Prisma SD-WAN ION >= 6.5.3-b15
- Prisma SD-WAN ION >= 6.4.3-b8
- Prisma SD-WAN ION >= 6.3.6-b10
Official advisory · high-confidence parse· fetched 7 hours ago·verify at source
Mitigation checklist
Recommended fix / mitigation
- Upgrade to a fixed release: Prisma SD-WAN ION >= 6.5.3-b15; Prisma SD-WAN ION >= 6.4.3-b8; Prisma SD-WAN ION >= 6.3.6-b10.
Temporary workarounds
- No known workarounds exist for this issue.
Official advisory · high-confidence parse· fetched 7 hours ago·verify at source
Discussion(0)
No comments yet. Share field notes, upgrade gotchas, or questions — verify against the vendor advisory before acting on community advice.
Sign in to join the discussion.