PatchSiren cyber security CVE debrief
CVE-2026-12161 Devolutions CVE debrief
CVE-2026-12161 is an improper input validation vulnerability in Devolutions Remote Desktop Manager 2026.2.7. An authenticated user with permission to create or modify a shared SSH entry can execute arbitrary commands on a remote SSH host using stored elevation credentials via a crafted alternate username and user interaction with the Elevate Shell action.
- Vendor
- Devolutions
- Product
- Remote Desktop Manager
- CVSS
- HIGH 8.8
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-06-16
- Original CVE updated
- 2026-06-16
- Advisory published
- 2026-06-16
- Advisory updated
- 2026-06-16
Who should care
Users of Devolutions Remote Desktop Manager 2026.2.7 who have permission to create or modify shared SSH entries.
Technical summary
The vulnerability exists in the SSH Elevate Shell feature of Devolutions Remote Desktop Manager 2026.2.7. An authenticated user can exploit this vulnerability by crafting an alternate username and interacting with the Elevate Shell action, allowing them to execute arbitrary commands on a remote SSH host using stored elevation credentials.
Defensive priority
High
Recommended defensive actions
- Apply the patch or update to a fixed version of Devolutions Remote Desktop Manager.
- Restrict permissions to create or modify shared SSH entries to only trusted users.
- Monitor for suspicious activity related to the Elevate Shell action.
Evidence notes
The CVE was published on 2026-06-16T01:16:22.950Z and has not been modified since then. The vendor is identified as Devolutions, and the product is Remote Desktop Manager 2026.2.7.
Official resources
-
CVE-2026-12161 CVE record
CVE.org
-
CVE-2026-12161 NVD detail
NVD
-
Source item URL
nvd_modified
- Source reference
CVE-2026-12161 was published on 2026-06-16T01:16:22.950Z.