Improper Multi-Factor Authentication Enforcement in Devolutions Server
CVE-2026-14536
Currently unrated
What is CVE-2026-14536?
An issue exists in Devolutions Server 2026.2.9.0 where improper enforcement of multi-factor authentication policies allows attackers with valid user credentials to bypass the MFA requirement. This vulnerability stems from the handling of an invalid default MFA value, which could enable unauthorized authentication. Effective security measures and updates are essential to mitigate this risk and safeguard user accounts from potential exploitation.
Affected Version(s)
Server 2026.2.4 < 2026.2.9
