PatchSiren cyber security CVE debrief

CVE-2026-3012 Red Hat CVE debrief

A flaw was found in Samba’s certificate auto-enrollment Group Policy handling. When certificate auto-enrollment is enabled, Samba may retrieve a CA certificate over an unencrypted HTTP connection and install it into the local trust store without proper verification. An attacker with the ability to intercept or redirect network traffic could exploit this behavior to supply a malicious certificate authority certificate, potentially allowing interception or spoofing of trusted communications.

Vendor: Red Hat
Product: Red Hat Enterprise Linux 10
CVSS: HIGH 8
CISA KEV: Not listed in stored evidence
Original CVE published: 2026-05-27
Original CVE updated: 2026-06-10
Advisory published: 2026-05-27
Advisory updated: 2026-06-10

Who should care

Users of Red Hat OpenShift Container Platform and Samba

Technical summary

The vulnerability exists in Samba's certificate auto-enrollment Group Policy handling. Specifically, when certificate auto-enrollment is enabled, Samba may retrieve a CA certificate over an unencrypted HTTP connection and install it into the local trust store without proper verification.

Defensive priority

HIGH

Recommended defensive actions

  • Apply the patches or updates provided by Red Hat or Samba that address this vulnerability.
  • Ensure that certificate auto-enrollment is configured so that a retrieved CA certificate is validated before it is installed into the local trust store.
  • Use secure communication protocols (e.g., HTTPS) for certificate retrieval, so that an attacker on the network path cannot substitute the CA certificate in transit.
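The two controls the recommendations above describe, refusing plaintext HTTP as a source and validating the fetched certificate before it reaches the trust store, can be expressed as a small pre-installation gate. The following is an added illustration written for this debrief; it is not Samba's or Red Hat's code, and it does not reproduce how Samba's Group Policy handling works internally. The function names, the placeholder certificate bytes, the hostname and the pinned fingerprint are all constructed for the example.

```python
import hashlib
import hmac
from urllib.parse import urlparse

# Constructed placeholder standing in for the DER bytes of a CA certificate
# that auto-enrollment would fetch. It is not a real certificate; only its
# hash matters for this example.
SAMPLE_CA_DER = b"constructed-placeholder-der-bytes-for-ca-certificate"

# The fingerprint an administrator distributes out of band (for instance as a
# pinned value in configuration). Derived from the constructed sample above.
EXPECTED_FINGERPRINT = hashlib.sha256(SAMPLE_CA_DER).hexdigest()


def is_acceptable_ca_source(url: str) -> bool:
    """Only allow CA certificate retrieval over HTTPS from a named host.

    A plain http:// URL is exactly the condition the advisory warns about:
    anyone who can intercept or redirect the traffic can replace the body.
    """
    parsed = urlparse(url)
    return parsed.scheme == "https" and bool(parsed.hostname)


def ca_fingerprint(der_bytes: bytes) -> str:
    """SHA-256 fingerprint of a certificate's DER encoding, lowercase hex."""
    return hashlib.sha256(der_bytes).hexdigest()


def should_install_ca(url: str, der_bytes: bytes, expected_fingerprint: str):
    """Decide whether a fetched CA certificate may enter the local trust store.

    Returns (allowed, reason). Installation is only allowed when the source
    was HTTPS and the certificate matches the pinned fingerprint, so a
    substituted CA is rejected even if the transport check were bypassed.
    """
    if not is_acceptable_ca_source(url):
        return False, "refused: CA certificate source is not HTTPS"

    # Accept fingerprints written with or without colon separators.
    pinned = expected_fingerprint.replace(":", "").lower()
    actual = ca_fingerprint(der_bytes)

    # Constant-time comparison avoids leaking how many leading bytes matched.
    if not hmac.compare_digest(actual, pinned):
        return False, "refused: fingerprint mismatch (possible substituted CA)"
    return True, "accepted: HTTPS source and pinned fingerprint match"


if __name__ == "__main__":
    # Constructed scenarios: the insecure transport, a tampered body over a
    # secure transport, and the expected good case.
    cases = [
        ("http://ca.example.test/ca.crt", SAMPLE_CA_DER),
        ("https://ca.example.test/ca.crt", b"tampered-certificate-bytes"),
        ("https://ca.example.test/ca.crt", SAMPLE_CA_DER),
    ]
    for url, body in cases:
        allowed, reason = should_install_ca(url, body, EXPECTED_FINGERPRINT)
        print(f"{url}: {reason}")
```

The gate is deliberately two-layered: transport security stops in-transit substitution, while the pinned fingerprint catches a wrong certificate regardless of how it arrived, which is the property the "validated before installation" recommendation is after.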

Evidence notes

The vulnerability has been assigned a CVSS score of 8 and is considered HIGH severity.

Official resources

CVE-2026-3012 was published on 2026-05-27T11:16:18.357Z and modified on 2026-06-10T16:17:03.250Z.