Primary

Context

Palo Alto Networks Prisma SD-WAN ION Improper Certificate Validation Vulnerability Allowing Man-in-the-Middle Attacks

Vulnerability

A vulnerability allowing improper certificate validation has been identified in Palo Alto Networks Prisma SD-WAN ION. This issue enables a man-in-the-middle (MitM) attacker to impersonate the controller. The vulnerability exists in versions 6.5.1 prior to 6.5.3-b15, 6.4.1 prior to 6.4.3-b8, and 6.3.1 prior to 6.3.6-b10.

Impact

Exploitation of this vulnerability could lead to man-in-the-middle attacks, allowing an attacker to impersonate the controller and potentially intercept or manipulate communications.

Remediation

Users can upgrade to Prisma SD-WAN ION 6.5.3-b15 or later, 6.4.3-b8 or later, or 6.3.6-b10 or later. For those using versions 6.1 or 5.6, no action is needed.

Added: May 13, 2026, 7:42 PM

Updated: May 13, 2026, 7:42 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

5.0

exploitability

4.5

remediation

0.0

relevance

8.2

threat

0.0

urgency

5.7

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

5.0

exploitability

4.5

remediation

0.0

relevance

8.2

threat

0.0

urgency

5.7

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Palo Alto Networks Prisma SD-WAN ION Improper Certificate Validation Vulnerability Allowing Man-in-the-Middle Attacks

Vulnerability

Impact

Remediation

Affected Products

Palo Alto Networks Prisma SD-WAN ION

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating