Prisma Access Agent: Local Authenticated VPN Enforcement Bypass on Linux
Monitor | CVSS 6.9 | CVE-2026-0268 | Jun 10, 2026
Palo Alto Networks | Transportation
IT in OT - Palo Alto firewalls are commonly deployed at IT/OT network boundaries
Summary
A local authenticated user on a Linux system running Prisma Access Agent can bypass VPN enforcement controls and route network traffic outside the VPN tunnel, exposing traffic that should be protected. This vulnerability does not affect Windows, macOS, iOS, Android, or Chrome OS versions of the agent.
What this means
What could happen
An employee or contractor with access to a Linux workstation running Prisma Access Agent could bypass VPN protections and send network traffic outside the encrypted tunnel, potentially exposing sensitive operational data or command traffic to interception.
Who's at risk
Transportation sector organizations and any enterprise using Prisma Access Agent on Linux workstations. This includes remote workers, field technicians, and office staff whose Linux devices need to send sensitive traffic (SCADA communications, engineering tool access, or operational data) over protected VPN connections.
How it could be exploited
An attacker with local login access to a Linux system running Prisma Access Agent can manipulate the agent's network enforcement to bypass the VPN tunnel. The attacker then routes sensitive network traffic directly over the internet instead of through the protected VPN connection, where it can be monitored or intercepted.
Prerequisites
- Local user account on a Linux system running affected Prisma Access Agent version
- Ability to execute commands on the Linux system
- Affects remote access to industrial networks
- No fix available for non-Linux platforms
- Requires local access but could expose critical operational traffic
Exploitability
Unlikely to be exploited — EPSS score 0.1%
Affected products (6)
1 with fix, 5 pending
Product | Affected Versions | Fix Status
Prisma Access Agent | Below 26.2.1 on Linux | 26.2.1 on Linux+
Prisma Access Agent | None on Windows | No fix yet
Prisma Access Agent | None on macOS | No fix yet
Prisma Access Agent | None on iOS | No fix yet
Prisma Access Agent | None on Android | No fix yet
Prisma Access Agent | None on Chrome OS | No fix yet
Remediation & Mitigation
Do now
HARDENING: Restrict local user login on Linux workstations to only trusted employees; disable unnecessary user accounts
Schedule — requires maintenance window
Patching may require device reboot — plan for process interruption
Prisma Access Agent
HOTFIX: Update Prisma Access Agent to version 26.2.1 or later on all Linux workstations
All products
HARDENING: Monitor outbound traffic from Linux workstations to detect connections originating outside the VPN tunnel
Long-term hardening
HARDENING: For Windows, macOS, and mobile devices: verify no alternative VPN bypass mechanisms exist and test VPN tunnel enforcement
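One host-side way to implement the outbound-traffic monitoring item above, as an added example that is not part of the advisory or any Palo Alto Networks tooling: parse the Linux /proc/net/tcp socket table and report established connections whose local address is not a tunnel-assigned address. The tunnel pool 10.200.0.0/16, the gateway 203.0.113.10, the assumption that the tunnel transport shows up as a TCP connection to that gateway, and the sample socket table are all constructed for illustration.

```python
import ipaddress
import struct

# Assumptions (constructed for this example, not taken from the advisory):
TUNNEL_POOL = ipaddress.ip_network("10.200.0.0/16")    # addresses the VPN assigns to clients
VPN_GATEWAYS = {ipaddress.ip_address("203.0.113.10")}  # endpoint of the tunnel transport
ESTABLISHED = "01"                                     # TCP state code in /proc/net/tcp

# Constructed sample in /proc/net/tcp layout (IPv4 addresses are little-endian hex).
SAMPLE = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 00000000:0016 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 20001
   1: 0100007F:9C40 0100007F:1538 01 00000000:00000000 00:00000000 00000000  1001        0 20002
   2: 0703C80A:AD21 1401320A:01BB 01 00000000:00000000 00:00000000 00000000  1001        0 20003
   3: 3201A8C0:C738 0A7100CB:01BB 01 00000000:00000000 00:00000000 00000000     0        0 20004
   4: 3201A8C0:C73A 196433C6:01BB 01 00000000:00000000 00:00000000 00000000  1001        0 20005
"""

def decode_endpoint(field):
    """Decode 'AABBCCDD:PPPP' from /proc/net/tcp into (IPv4Address, port)."""
    addr_hex, port_hex = field.split(":")
    addr = ipaddress.ip_address(struct.pack("<I", int(addr_hex, 16)))
    return addr, int(port_hex, 16)

def off_tunnel_sockets(proc_net_tcp, tunnel_pool=TUNNEL_POOL, gateways=VPN_GATEWAYS):
    """Return established TCP sockets whose local address is outside the tunnel pool."""
    findings = []
    for line in proc_net_tcp.splitlines()[1:]:           # skip the header row
        cols = line.split()
        if len(cols) < 8 or cols[3] != ESTABLISHED:
            continue                                      # listeners, closing sockets, junk
        laddr, lport = decode_endpoint(cols[1])
        raddr, rport = decode_endpoint(cols[2])
        if laddr.is_loopback or laddr in tunnel_pool:
            continue                                      # local-only, or sourced from the tunnel
        if raddr in gateways:
            continue                                      # the tunnel's own transport connection
        findings.append({"uid": int(cols[7]),
                         "local": f"{laddr}:{lport}",
                         "remote": f"{raddr}:{rport}"})
    return findings

if __name__ == "__main__":
    # On a live host, pass open("/proc/net/tcp").read() instead of SAMPLE.
    for finding in off_tunnel_sockets(SAMPLE):
        print("off-tunnel:", finding)
```

This covers IPv4 TCP only; /proc/net/tcp6 and UDP sockets need the same treatment, and destinations that policy allows outside the tunnel (for example the local subnet) would have to be added to the exclusions.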
CVEs (1)