cbcvebase.
CVE-2026-0228
published 2026-02-11

CVE-2026-0228: An improper certificate validation vulnerability in PAN-OS allows users to connect Terminal Server Agents on Windows to PAN-OS using expired certificates even…

PriorityP414low1.3CVSS 4.0
AVNACLATNPRLUINVCNVILVANSCLSINSANEUCRXIRXARXMAVXMACXMATXMPRXMUIXMVCXMVIXMVAXMSCXMSIXMSAXSXAUNRUVDREMUAmber
EPSS
0.19%
8.6th percentile
An improper certificate validation vulnerability in PAN-OS allows users to connect Terminal Server Agents on Windows to PAN-OS using expired certificates even if the PAN-OS configuration would not normally permit them to do so.

Affected

7 ranges
VendorProductVersion rangeFixed in
palo_alto_networkspan-os>= 10.2.0 < 10.2.1710.2.17
palo_alto_networkspan-os>= 11.1.0 < 11.1.1111.1.11
palo_alto_networkspan-os>= 11.2.0 < 11.2.811.2.8
palo_alto_networksprisma_access>= 10.2.0 < 10.2.10-h2810.2.10-h28
paloaltocloud_ngfw
paloaltopan-os
paloaltoprisma_access
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.