
CVE-2026-12755

Severity: Low (CVSS 2.7)

Exploitation Probability (EPSS)

Low risk
0.22%

12th percentile — higher than 12% of all known CVEs

Summary

A vulnerability in Devolutions Server versions 2026.2.4.0 through 2026.2.7.0 allows an authenticated user with the UserGroupsView permission to coerce server-side authentication to an attacker-controlled host. By crafting a DomainName parameter in the PAM AD discovery endpoints, the attacker can capture PAM provider credentials as an NTLMv2 challenge-response.

Risk Assessment

The risk involves leakage of sensitive PAM provider credentials, potentially leading to unauthorized system access and privilege escalation within the organization's IT environment.

Recommendation

Immediately upgrade Devolutions Server to version 2026.2.8.0 or later, which includes a fix for this vulnerability. Until the update is applied, restrict the UserGroupsView permission to trusted users only.

Original NVD description (English source)

Improper input validation in the PAM AD discovery endpoints in Devolutions Server 2026.2.4.0 through 2026.2.7.0 allows an authenticated user with the UserGroupsView permission to coerce server-side authentication to an attacker-controlled host, exposing PAM provider credentials as an NTLMv2 challenge-response, via a crafted DomainName parameter.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS