There are thousands of devices connecting to a server in the cloud with one way SSL where cloud has CA signed cert installed.
Assuming device does proper SSL cert validation when connecting to the server and fails the connection if there is validation failure, Is it possible to still perform MiTM to inspect (possible modify) the SSL traffic? If Yes, how?