CVE-2026-0228

PAN-OS: Improper Validation of Terminal Server Agent Certificate

Description

An improper certificate validation vulnerability in PAN-OS allows users to connect Terminal Server Agents on Windows to PAN-OS using expired certificates even if the PAN-OS configuration would not normally permit them to do so.

INFO

Published Date :

2026-02-11T17:55:44.109Z

Last Modified :

2026-02-11T19:04:15.415Z

Source :

palo_alto

AFFECTED PRODUCTS

The following products are affected by CVE-2026-0228 vulnerability.

Vendors	Products
Palo Alto Networks	Cloud Ngfw Pan-os Prisma Access

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2026-0228.

URL	Resource
https://security.paloaltonetworks.com/CVE-2026-0228

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Attack Requirements

Privileges Required

User Interaction

VS Confidentiality

VS Integrity

VS Availability

SS Confidentiality

SS Integrity

SS Availability