CVE-2026-0248
CWE-295Published: May 13, 2026· Updated: May 14, 2026
Official Description
An improper certificate validation vulnerability in the Prisma Access Agent® for Android and Chrome OS enables an attacker to perform a man-in-the-middle (MitM) attack to intercept VPN traffic. By presenting a certificate for any domain issued by a trusted Certificate Authority, the attacker can capture sensitive device information.
The Prisma Access Agent on macOS, Windows, Linux and iOS are not affected.
Technical Analysis
CVE-2026-0248 requires adjacent network access, limiting remote exploitation but still posing risk in shared or local network environments.
The vulnerability requires no privileges and no user interaction, making it a prime target for automated exploitation campaigns and worm-like propagation.
CVSS v3.1 Vector Breakdown
Affected Vendors & Products
Exploit & PoC Resources
All References (1)
Quick Facts
Related CVEs (CWE-295)
Recommended Actions
- →Apply vendor patches immediately
- →Monitor CVE-2026-0248 in threat intel feeds
- →Review IDS/IPS signatures for exploitation attempts