
CVE-2026-4434 (Server)

EUVD EUVD-2026-13688 · HIGH
Improper Certificate Validation (CWE-295)
2026-03-20 · DEVOLUTIONS
8.1 (CVSS 3.1 · NVD)

Severity by source

NVD PRIMARY
8.1 HIGH
AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS Vector (NVD)

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack Vector: Network
Attack Complexity: High
Privileges Required: None
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High

Lifecycle Timeline

Analysis Updated · Apr 16, 2026 - 06:19 · EUVD-patch-fix (executive_summary)
Re-analysis Queued · Apr 16, 2026 - 05:29 · backfill_euvd_patch (patch_released)
Patch available · Apr 16, 2026 - 05:29 · EUVD (2026.1)
EUVD ID Assigned · Mar 20, 2026 - 13:45 · euvd (EUVD-2026-13688)
Analysis Generated · Mar 20, 2026 - 13:45 · vuln.today
CVE Published · Mar 20, 2026 - 12:52 · nvd (HIGH 8.1)

Description (CVE.org)

Improper certificate validation in the PAM propagation WinRM connections allows a network attacker to perform a man-in-the-middle attack via disabled TLS certificate verification.

Analysis (AI-generated)

Devolutions Server contains an improper certificate validation vulnerability in its PAM propagation WinRM connections that allows network attackers to conduct man-in-the-middle (MITM) attacks by exploiting disabled TLS certificate verification. This vulnerability affects Devolutions Server versions prior to 2026.1, enabling attackers positioned on the network path to intercept and manipulate WinRM communications without detection. …


Attack Chain (AI-derived)

Hypothetical attack flow derived from CVE metadata

Access: Position self on network path
Delivery: Intercept WinRM PAM propagation connection
Exploit: Present forged certificate
Execution: Exploit disabled TLS validation
Persist: Decrypt/modify WinRM traffic
Impact: Execute arbitrary commands

Vulnerability Assessment (AI-generated)

Exploitation: Requires WinRM PAM propagation connections configured with TLS certificate verification disabled. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment: This vulnerability presents a high real-world risk despite the absence of a CVSS score in the provided data. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario: An attacker positioned on the network between a Devolutions Server instance and target Windows systems (e.g., via compromised network infrastructure, ARP spoofing, or DNS hijacking) intercepts WinRM connections initiated by Devolutions Server for PAM credential propagation. Because certificate validation is disabled, the attacker presents a self-signed certificate that is accepted without verification. …
Remediation: Immediately upgrade Devolutions Server to version 2026.1 or later, which includes the certificate validation fix. … Detailed patch versions, workarounds, and compensating controls in full report.
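As an added illustration, not code from vuln.today or from Devolutions Server, the weak client-side TLS setting the description refers to is shown beside the hardened form a WinRM-over-HTTPS client should use, together with an audit function that flags the weak settings. The use of Python's standard-library ssl and http.client modules, and the target host name, are assumptions of this example.

```python
import ssl
import http.client
from typing import List, Optional

# Constructed values for illustration only; not taken from the advisory.
TARGET_HOST = "winrm-target.example.internal"
WINRM_HTTPS_PORT = 5986  # WinRM over HTTPS listens on 5986 by default


def insecure_winrm_context() -> ssl.SSLContext:
    """The weak setting the CVE describes: the client accepts any certificate,
    so a man-in-the-middle can present its own and terminate the TLS session."""
    ctx = ssl.create_default_context()
    ctx.check_hostname = False        # must be cleared before switching to CERT_NONE
    ctx.verify_mode = ssl.CERT_NONE   # disables chain validation entirely
    return ctx


def hardened_winrm_context(ca_file: Optional[str] = None) -> ssl.SSLContext:
    """Corrected form: validate the chain against a trust store (system store, or a
    private CA bundle) and require the certificate to match the target host name."""
    ctx = ssl.create_default_context(cafile=ca_file)
    ctx.check_hostname = True
    ctx.verify_mode = ssl.CERT_REQUIRED
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    return ctx


def audit_context(ctx: ssl.SSLContext) -> List[str]:
    """Return the findings an auditor would raise for a client-side TLS context."""
    findings = []
    if ctx.verify_mode == ssl.CERT_NONE:
        findings.append("certificate chain validation disabled (CERT_NONE)")
    if not ctx.check_hostname:
        findings.append("hostname verification disabled")
    if ctx.minimum_version < ssl.TLSVersion.TLSv1_2:
        findings.append("legacy TLS versions allowed")
    return findings


def winrm_connection(ctx: ssl.SSLContext) -> http.client.HTTPSConnection:
    """Build (without opening) the HTTPS transport a WS-Man/WinRM client would use."""
    return http.client.HTTPSConnection(TARGET_HOST, WINRM_HTTPS_PORT,
                                       context=ctx, timeout=10)


if __name__ == "__main__":
    for name, ctx in (("insecure", insecure_winrm_context()),
                      ("hardened", hardened_winrm_context())):
        print(name, audit_context(ctx) or ["no findings"])
```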

Recommended Action (AI-generated)

Within 24 hours: Inventory all Devolutions Server instances and identify versions prior to 2026.1; document current version numbers and deployment scope. …



CVE-2026-4434 vulnerability details – vuln.today
