One way ssl and mitm

There are thousands of devices connecting to a server in the cloud with one way SSL where cloud has CA signed cert installed.

Assuming device does proper SSL cert validation when connecting to the server and fails the connection if there is validation failure, Is it possible to still perform MiTM to inspect (possible modify) the SSL traffic? If Yes, how?

For first question, if the device only verifies certificate normally like it should, then you can install the root certificate of MITM proxy to the trust store of the device. Note that this only works for Android 6 or below.