Description
Improper input validation in the SSH Elevate Shell feature in
Devolutions Remote Desktop Manager 2026.2.7 allows an authenticated user
with permission to create or modify a shared SSH entry to execute
arbitrary commands on a remote SSH host using stored elevation
credentials via a crafted alternate username and user interaction with
the Elevate Shell action.
Published: 2026-06-15
Score: 8.8 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

Improper input validation in the SSH Elevate Shell feature allows an authenticated user with permission to create or modify a shared SSH entry to supply a crafted alternate username. When the user then invokes the Elevate Shell action, the application passes the supplied credentials directly to the remote SSH host, enabling the attacker to execute arbitrary commands and potentially gain full control of the target system.

Affected Systems

Devolutions Remote Desktop Manager, version 2026.2.7. The advisory explicitly mentions this release.

Risk and Exploitability

The CVSS score of 8.8 indicates a high severity vulnerability. The EPSS score of less than 1% suggests a low probability of exploitation in the wild, and the vulnerability is not listed in CISA KEV. Attack requires an authenticated user with the ability to modify shared SSH entries, so the threat is limited to users with those permissions. Exploitation involves crafting a malicious alternate username that is then sent to the SSH host, resulting in remote code execution.

Generated by OpenCVE AI on June 17, 2026 at 21:52 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Obtain and install the latest patch for Devolutions Remote Desktop Manager from the vendor’s advisory linked above.
  • Restrict the ability to create or modify shared SSH entries to only trusted users and audit those permissions regularly.
  • If the Elevate Shell feature is not needed, disable or remove it from the user interface to eliminate the attack surface.

Generated by OpenCVE AI on June 17, 2026 at 21:52 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Thu, 18 Jun 2026 04:45:00 +0000

Type Values Removed Values Added
Title Remote Command Execution via Malicious SSH Elevate Shell Input

Tue, 16 Jun 2026 22:30:00 +0000

Type Values Removed Values Added
Title Remote Command Execution via Malicious SSH Elevate Shell Input

Tue, 16 Jun 2026 20:45:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:a:devolutions:remote_desktop_manager:*:*:*:*:*:windows:*:*

Tue, 16 Jun 2026 17:30:00 +0000

Type Values Removed Values Added
Metrics cvssV3_1

{'score': 8.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Tue, 16 Jun 2026 06:30:00 +0000

Type Values Removed Values Added
First Time appeared Devolutions
Devolutions remote Desktop Manager
Vendors & Products Devolutions
Devolutions remote Desktop Manager

Tue, 16 Jun 2026 00:45:00 +0000

Type Values Removed Values Added
Description Improper input validation in the SSH Elevate Shell feature in Devolutions Remote Desktop Manager 2026.2.7 allows an authenticated user with permission to create or modify a shared SSH entry to execute arbitrary commands on a remote SSH host using stored elevation credentials via a crafted alternate username and user interaction with the Elevate Shell action.
Weaknesses CWE-78
References

Subscriptions

Devolutions Remote Desktop Manager
cve-icon MITRE

Status: PUBLISHED

Assigner: DEVOLUTIONS

Published:

Updated: 2026-06-16T15:00:25.327Z

Reserved: 2026-06-12T19:16:15.418Z

Link: CVE-2026-12161

cve-icon Vulnrichment

Updated: 2026-06-16T15:00:18.035Z

cve-icon NVD

Status : Analyzed

Published: 2026-06-16T01:16:22.950

Modified: 2026-06-16T20:32:33.077

Link: CVE-2026-12161

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-06-17T22:00:04Z

Weaknesses
  • CWE-78

    Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')