TL;DR: A confirmed exploitation of CVE-2026-0257 in Palo Alto GlobalProtect showed how a forged authentication override cookie can still yield a VPN session and network reachability, with Rapid7 tracing attacks to at least May 17 and CISA adding the flaw to its KEV catalog. The incident reinforces that one-time edge authentication creates a brittle trust model, not durable access control.
At a glance
What this is: This analysis argues that VPNs create a one-time trust decision at the edge, and the GlobalProtect bypass shows how that design turns a single authentication flaw into network-level compromise.
Why it matters: It matters because IAM, PAM, and NHI teams all inherit the same architectural risk when access is granted once and then assumed safe, instead of being re-evaluated per request.
By the numbers:
- Rapid7 traced successful attacks back to at least May 17.
- CISA added CVE-2026-0257 to its Known Exploited Vulnerabilities catalog with a same-day patch deadline for federal agencies.
👉 Read Pomerium's analysis of the GlobalProtect bypass and zero trust access
Context
A VPN bypass is not just a product flaw. It is a reminder that perimeter access controls still concentrate too much trust in a single decision, then assume that decision remains valid for the rest of the session. For identity teams, the issue is not only authentication quality, but whether network access should ever be treated as durable after a single check.
The article focuses on GlobalProtect because the bypass is easy to understand in architectural terms: a forged authentication override cookie is accepted as genuine when certificate handling is weak, and that opens the door to the broader network. That pattern is typical of perimeter-centric remote access design, not an isolated edge case.
Key questions
Q: What breaks when VPN access is granted once at the edge and then trusted across the network?
A: A single successful login becomes a standing network foothold. That breaks the assumption that authentication at the perimeter is enough to keep users safe after the first check. When the session is accepted broadly, any bypass or stolen token can expose more systems than the original application intended, which is why edge trust creates oversized blast radius.
Q: Why do perimeter VPNs increase lateral movement risk in enterprise networks?
A: Perimeter VPNs often turn identity into network placement, so a valid session can reach many internal resources at once. That increases lateral movement risk because the attacker no longer needs to beat each application’s controls separately. Once inside, exposure depends on how much the network trusts the session, not on the original authentication event.
Q: How can teams tell whether their access model still depends on perimeter trust?
A: Look for any architecture where one authentication event unlocks broad internal reachability. If access is not re-evaluated per request, if session tokens can be replayed, or if a single gateway failure can expose multiple applications, the model still depends on perimeter trust rather than continuous authorization.
Q: What should organisations do when a VPN bypass exposes the weakness of edge-based trust?
A: Shift the highest-value applications away from network-wide access and toward identity-aware, request-scoped authorization. Use the incident as a trigger to narrow what a session can reach, reduce the value of any single token, and ensure that no gateway failure can become an internal network breach.
Technical breakdown
Authentication override cookies and certificate trust
PAN-OS relies on authentication override cookies to represent an already-authenticated session. The weakness described in the article appears when the same certificate signs both HTTPS services and the cookies themselves, which gives an attacker a path to mint a token the gateway will accept. At that point, the appliance cannot distinguish a forged cookie from a legitimate one because trust is anchored in the wrong place: a reusable artifact rather than a continuously evaluated identity assertion.
Practical implication: separate signing trust from transport trust so a single certificate failure cannot impersonate a valid VPN session.
Why one VPN login becomes network reachability
Traditional VPN concentrators authenticate a user once, then map that success to network-level access. That means the credential check happens at the edge and is not re-tested as the user moves through the environment. In zero trust terms, the problem is not only login bypass, but the hidden assumption that authenticated network placement is still safe after the first request. Once the session exists, lateral movement depends on what the network exposes, not on whether the user should still be there.
Practical implication: replace network-wide trust with request-scoped access that re-evaluates identity and context each time.
Per-request authorization reduces blast radius
An identity-aware reverse proxy changes the control point from the network perimeter to each application request. Instead of giving a client a general-purpose VPN foothold, it brokers access only when policy, identity, and context all align for that specific service call. That does not remove risk, but it changes failure mode from environment-wide exposure to application-scoped exposure. The design is closer to zero trust architecture than edge authentication because every request remains subject to policy rather than inheriting access from a past login.
Practical implication: move high-value internal applications behind request-level authorization rather than relying on a single authenticated tunnel.
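The three sections above make two design points: the artifact that represents a session should be signed under trust that is separate from the transport certificate, and reachability should be decided per request rather than granted once at login. The following Python sketch is an added example that is not Pomerium's code and not how PAN-OS implements its cookies; it shows a session cookie signed with a dedicated HMAC key, a short lifetime, immediate revocation, and a broker that re-evaluates identity, device context and per-service policy on every request. Names such as issue_session, authorize_request, POLICY and MANAGED_DEVICES are assumptions for the illustration, and the key material and policy table are constructed.

```python
import base64
import hashlib
import hmac
import json
import secrets
from typing import Optional, Tuple

# Constructed key material. The key that signs session cookies is its own secret,
# unrelated to the private key behind the TLS certificate, so a transport-level
# certificate problem cannot produce a cookie this verifier accepts. A real
# deployment loads it from a secret store; here it is generated per process.
SESSION_SIGNING_KEY = secrets.token_bytes(32)

SESSION_TTL_SECONDS = 900  # short lifetime: a copied cookie loses value quickly

# Revoked session identifiers (jti). Checked on every request, so revocation is immediate.
REVOKED_SESSION_IDS = set()

# Per-service policy (constructed): who may reach each service and whether a managed device is required.
POLICY = {
    "payroll": {"users": {"alice"}, "managed_device": True},
    "wiki": {"users": {"alice", "bob"}, "managed_device": False},
}
MANAGED_DEVICES = {"laptop-0042"}


def _b64(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def _unb64(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def issue_session(user: str, device_id: str, now: float) -> str:
    """Mint a session cookie: base64(payload) + HMAC-SHA256 under the dedicated session key."""
    payload = {
        "sub": user,
        "dev": device_id,
        "iat": int(now),
        "exp": int(now) + SESSION_TTL_SECONDS,
        "jti": secrets.token_hex(8),
    }
    body = _b64(json.dumps(payload, sort_keys=True).encode())
    tag = hmac.new(SESSION_SIGNING_KEY, body.encode(), hashlib.sha256).digest()
    return body + "." + _b64(tag)


def verify_session(cookie: str, now: float) -> Optional[dict]:
    """Return the payload if signature, expiry and revocation checks all pass, else None."""
    try:
        body, tag = cookie.split(".", 1)
        expected = hmac.new(SESSION_SIGNING_KEY, body.encode(), hashlib.sha256).digest()
        if not hmac.compare_digest(expected, _unb64(tag)):
            return None  # nothing in the body is trusted before the signature is checked
        payload = json.loads(_unb64(body))
        if payload["exp"] <= now or payload["jti"] in REVOKED_SESSION_IDS:
            return None
        return payload
    except (ValueError, KeyError, TypeError):
        return None


def revoke_session(cookie: str, now: float) -> bool:
    """Invalidate a session immediately; later requests carrying the same cookie are refused."""
    session = verify_session(cookie, now)
    if session is None:
        return False
    REVOKED_SESSION_IDS.add(session["jti"])
    return True


def authorize_request(cookie: str, service: str, now: float) -> Tuple[bool, str]:
    """Broker one request: the decision is scoped to this service, not to the network."""
    session = verify_session(cookie, now)
    if session is None:
        return False, "invalid, expired or revoked session"
    rule = POLICY.get(service)
    if rule is None:
        return False, "unknown service"
    if session["sub"] not in rule["users"]:
        return False, "user not permitted for service"
    if rule["managed_device"] and session["dev"] not in MANAGED_DEVICES:
        return False, "managed device required"
    return True, "allowed"


if __name__ == "__main__":
    import time
    now = time.time()
    cookie = issue_session("alice", "laptop-0042", now)
    print(authorize_request(cookie, "payroll", now))         # (True, 'allowed')
    print(authorize_request(cookie, "payroll", now + 1000))  # refused: expired
```

The point of the shape is that a valid cookie buys the holder exactly one policy decision per request: a user permitted on one service is still refused on another, an unmanaged device is refused where policy demands a managed one, and revocation takes effect on the next request rather than at the end of a network-level tunnel.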
Threat narrative
Attacker objective: The attacker’s objective is to obtain valid VPN access that places them inside the network with the same reachability as an authenticated user.
- Entry begins when an attacker forges an authentication override cookie that the gateway accepts as genuine, using the certificate trust design described in the article.
- Credential abuse occurs when that forged cookie is presented to the firewall and converted into a valid VPN session without needing a password or MFA token.
- Impact follows when the session provides network reachability to internal resources, creating a foothold that can be used for lateral movement if the attacker chooses.
Breaches seen in the wild
- Cisco DevHub NHI breach — IntelBroker exploited exposed Cisco credentials, API tokens and keys in DevHub.
- DeepSeek breach — exposed 1M+ log lines and sensitive secret keys.
Read our 52 NHI Breaches Analysis report for a comprehensive view of breaches impacting Non-Human Identities including AI Agents.
NHI Mgmt Group analysis
Perimeter trust is a brittle identity assumption, not a security strategy. The article shows that a single authentication event at the edge can be converted into full network reachability, which is the core flaw in VPN-centric access design. Once that trust is granted, the model no longer distinguishes between a legitimate session and a compromised one. Practitioners should treat network placement as an outdated security primitive, not a durable control.
Per-request access is the decisive control shift for remote access governance. The architectural difference is not cosmetic. A request-scoped model forces identity, context, and policy to be re-evaluated every time, which prevents one successful login from becoming a standing foothold. That aligns more closely with zero trust architecture than any perimeter model that grants broad reachability after a single check. Teams should re-evaluate where they still equate authentication with authorization.
Authentication override cookie trust created a replayable trust artifact. The flaw only matters because the gateway accepted a token that could be minted outside the normal identity flow. That is a governance failure as much as a technical one, because the system treated a portable cookie as proof of ongoing legitimacy. Practitioners should view any bearer-like session artifact with the same suspicion they apply to long-lived secrets.
Network-wide trust extends the blast radius of every authentication flaw. The article’s deeper lesson is that a VPN vulnerability is not confined to the gateway. If the gateway is the path to the internal network, then one bypass collapses the distinction between authenticated access and broad internal exposure. Identity governance teams should push for application-scoped controls wherever high-value services are still reachable only through a tunnel.
From our research:
- 91.6% of secrets remain valid five days after the targeted organisation is notified, showing a critical gap in remediation procedures, according to the Ultimate Guide to NHIs.
- Only 5.7% of organisations have full visibility into their service accounts, which means many teams cannot reliably tell where standing access still exists.
- For the broader lifecycle lens, read the Ultimate Guide to NHIs for how visibility, rotation, and offboarding change the blast radius of compromised access.
What this signals
Perimeter-authentication debt: when a single gateway login unlocks broad internal reachability, the organisation is carrying trust debt that no patch can fully repay. Teams should expect more exploitation of edge devices that collapse authentication and authorization into one event, especially where session artifacts can be replayed. The practical answer is not another layer on the perimeter, but narrower access scopes and continuous policy evaluation.
Pomerium's framing aligns with zero trust architecture in one important respect: the control point must move from the network boundary to the request itself. That shift matters for human, workload, and autonomous access patterns because the threat is the same across all three. The reader should assume that any session that is valid for too long, or too broadly, will eventually become a problem.
With 97% of NHIs carrying excessive privileges, according to the Ultimate Guide to NHIs, broad trust boundaries are already too permissive before an edge bypass occurs. In practice, that means remote-access redesign and NHI governance should be planned together, not as separate programmes.
For practitioners
- Inventory every edge-authenticated access path: Map which internal services remain reachable only after a single VPN login, then rank them by blast radius. Prioritise applications where a forged session would expose multiple downstream systems, not just one service.
- Separate signing trust from transport trust: Review whether the same certificate or trust root is used for multiple authentication functions. If one signing path can produce a cookie or token that the gateway accepts as genuine, isolate those trust domains immediately.
- Replace network reachability with request-scoped policy: Move sensitive applications behind identity-aware access that re-checks user identity, device context, and policy on every request. The goal is to eliminate broad network placement as the reward for one successful login.
- Treat perimeter sessions as high-risk bearer artifacts: Apply stronger monitoring, shorter session lifetimes, and tighter revocation handling to any session token that can be replayed without re-authentication. If the token can be copied, the session can be abused.
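The last item, monitoring replayable session artifacts and bounding their lifetime, can be turned into a concrete check over gateway logs. The following Python is an added example, not part of the original post and not a PAN-OS log format: the log lines are constructed, and the field names (sess, src, client, res) and the eight-hour MAX_SESSION_AGE ceiling are assumptions. It flags a session fingerprint presented from more than one client context, which is the signature of a copied bearer artifact, and a session used well past the lifetime that should have forced re-authentication.

```python
from collections import defaultdict
from datetime import datetime, timedelta, timezone
from typing import Dict, List

# Constructed gateway access log (not real PAN-OS output). Each line carries a timestamp,
# a session fingerprint (a hash of the cookie, never the cookie itself), the source IP,
# a client fingerprint and the resource requested.
SAMPLE_LOG = """\
2026-03-03T08:00:12Z sess=7f3a src=203.0.113.10 client=win11-edge res=/portal
2026-03-03T08:00:40Z sess=7f3a src=203.0.113.10 client=win11-edge res=/app/wiki
2026-03-03T08:07:03Z sess=7f3a src=198.51.100.7 client=linux-firefox res=/app/payroll
2026-03-03T08:07:09Z sess=7f3a src=198.51.100.7 client=linux-firefox res=/app/hr
2026-03-03T07:00:00Z sess=91c2 src=192.0.2.44 client=mac-safari res=/portal
2026-03-04T01:30:00Z sess=91c2 src=192.0.2.44 client=mac-safari res=/app/wiki
2026-03-03T09:15:00Z sess=ab10 src=203.0.113.55 client=win11-edge res=/portal
"""

# Assumed policy ceiling: a session older than this should have required re-authentication.
MAX_SESSION_AGE = timedelta(hours=8)


def parse_log(text: str) -> List[dict]:
    """Parse the space-separated key=value lines above into dicts with an aware UTC timestamp."""
    events = []
    for line in text.splitlines():
        if not line.strip():
            continue
        ts, *fields = line.split()
        record = {"ts": datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)}
        for field in fields:
            key, value = field.split("=", 1)
            record[key] = value
        events.append(record)
    return events


def find_suspect_sessions(events: List[dict]) -> List[dict]:
    """Flag sessions presented from more than one client context (a replay indicator)
    and sessions used beyond MAX_SESSION_AGE without re-authentication."""
    by_session: Dict[str, List[dict]] = defaultdict(list)
    for event in events:
        by_session[event["sess"]].append(event)

    findings = []
    for sess, evs in by_session.items():
        evs.sort(key=lambda e: e["ts"])
        contexts = {(e["src"], e["client"]) for e in evs}
        if len(contexts) > 1:
            findings.append({
                "sess": sess,
                "reason": "multiple client contexts",
                "contexts": sorted(contexts),
                # everything the session reached: the blast radius the token actually had
                "resources": [e["res"] for e in evs],
            })
        age = evs[-1]["ts"] - evs[0]["ts"]
        if age > MAX_SESSION_AGE:
            findings.append({
                "sess": sess,
                "reason": "session exceeds max age",
                "age_hours": age.total_seconds() / 3600,
            })
    return findings


if __name__ == "__main__":
    for finding in find_suspect_sessions(parse_log(SAMPLE_LOG)):
        print(finding)
```

A context change on its own is not proof of replay; a roaming user on a laptop that switches networks will trip the first rule, so in practice the finding is correlated with device posture and MFA events before anyone acts on it. The resource list in each finding is what matters for triage: it is the set of internal services the bearer artifact was converted into, which is the blast radius the earlier sections describe.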
Key takeaways
- A single VPN authentication event can become a network-wide compromise when the gateway treats one trust decision as durable access.
- The incident shows that perimeter controls fail hardest when session artefacts can be forged or replayed without re-checking identity.
- Request-scoped access is the control shift that reduces blast radius when an edge device is bypassed.
Standards & Framework Alignment
This section maps relevant standards and security frameworks to the operational risks and controls described in this guidance.
The OWASP Non-Human Identity Top 10 addresses the attack and risk surface, while NIST Zero Trust (SP 800-207) and NIST CSF 2.0 set the governance and control requirements practitioners need to meet.
| Framework | Control / Reference | Relevance |
|---|---|---|
| NIST Zero Trust (SP 800-207) | Tenets of zero trust (Section 2.1) | The article argues for per-request authorization instead of perimeter trust. |
| NIST CSF 2.0 | PR.AC-4 | Access management must limit how far a single authenticated session can reach. |
| OWASP Non-Human Identity Top 10 | NHI-03 | Session artifacts and secrets that can be replayed behave like high-risk non-human credentials. |
Reduce replayable trust artefacts and tighten lifecycle handling for all bearer tokens.
Key terms
- Perimeter trust: Perimeter trust is the assumption that a successful login at the edge remains valid for broad internal access. In practice, it turns one authentication event into a durable entitlement. That model is fragile because any flaw in the gateway or session token can expose the full network, not just one application.
- Authentication override cookie: An authentication override cookie is a session artifact a gateway uses to recognise that a user has already authenticated. When poorly designed or improperly signed, it becomes a replayable proof of access. The risk is not the cookie itself, but the fact that the gateway may treat it as sufficient evidence for network reachability.
- Request-scoped authorization: Request-scoped authorization means access is checked each time a user or system asks for a resource, rather than once at login. This approach limits trust duration and narrows the blast radius of any compromise. For identity programmes, it is a stronger model than broad network placement because it keeps policy attached to the action.
- Blast radius: Blast radius is the number of systems, data stores, or services exposed when a control fails. In VPN-centric environments, a single bypass can create a large blast radius because the gateway often provides access to many internal assets. Identity teams use this concept to judge whether access controls are scoped tightly enough.
Deepen your knowledge
VPN bypass analysis and request-scoped access are core topics in our NHI Foundation Level course, the industry's only accredited NHI security programme. If you are redesigning remote access around identity-aware policy, it is worth exploring.
This post draws on content published by Pomerium: Another GlobalProtect bypass, another reminder that the VPN is the wrong place to put your trust. Read the original.
Published by the NHIMG editorial team on 2026-06-01.
NHI Mgmt Group — the independent authority on Non-Human Identity, IAM, and Agentic AI security. nhimg.org