CVE-2026-4434

Summary

Improper certificate validation in the PAM propagation WinRM connections allows a network attacker to perform a man-in-the-middle attack via disabled TLS certificate verification.

Affected Software

VendorProductVersion RangeStatus
DevolutionsServer0 < 2026.1affected

Weaknesses

  • CWE-295: CWE-295 Improper certificate validation

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References