CVE-2026-4924
HIGH SEVERITYCVSS Score & Metrics
Base Score
8.2 / 10
Vector String
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N
Vulnerability Description
Improper
authentication in the two-factor authentication (2FA) feature in
Devolutions Server 2026.1.11 and earlier allows a remote attacker with valid
credentials to bypass multifactor authentication and gain unauthorized
access to the victim account via reuse of a partially authenticated
session token.
authentication in the two-factor authentication (2FA) feature in
Devolutions Server 2026.1.11 and earlier allows a remote attacker with valid
credentials to bypass multifactor authentication and gain unauthorized
access to the victim account via reuse of a partially authenticated
session token.
Vulnerability Details
Published Date
Last Modified
CWE ID
CWE-1390
Source
NVD
Vendor
devolutions
Product
devolutions_server
Discussion (0)
Add Comment
No comments yet. Be the first!