An improper certificate validation vulnerability in the Prisma® Access Agent for iOS enables an attacker to perform a man-in-the-middle (MitM) attack to intercept VPN traffic.
The Prisma Access Agent on Windows, macOS, Linux, Android and ChromeOS are not affected.
The product does not validate, or incorrectly validates, a certificate.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Prisma_access_agent | Paloaltonetworks | * | 26.2.1 (excluding) |