CVE-2026-4434 - Vulnerability Analysis
HighCVSS: 8.1Last Updated: March 23, 2026
PAM propagation WinRM - Man-in-the-Middle
Overview
PAM propagation WinRM connections contain a man-in-the-middle vulnerability caused by improper certificate validation due to disabled TLS certificate verification, letting network attackers intercept and modify communications, exploit requires network access.
Severity & Score
Impact
Network attackers can intercept and modify communications, potentially stealing sensitive data or injecting malicious content.
Mitigation
Enable proper TLS certificate validation or update to a version with correct certificate verification.
Social Media Activity(2 posts)
š CVE-2026-4434 - High (8.1) Improper certificate validation in the PAM propagation WinRM connections allows a network attacker to perform a man-in-the-middle attack via disabled TLS certificate verification. š https://www.thehackerwire.com/vulnerability/CVE-2026-4434/ #CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
View original post
š CVE-2026-4434 - High (8.1) Improper certificate validation in the PAM propagation WinRM connections allows a network attacker to perform a man-in-the-middle attack via disabled TLS certificate verification. š https://www.thehackerwire.com/vulnerability/CVE-2026-4434/ #CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
View original postRelated Resources
Details
- CVE ID
- CVE-2026-4434
- Severity
- High
- CVSS Score
- 8.1
- Type
- man_in_the_middle
- Status
- unconfirmed
- EPSS
- 1.0%
- Social Posts
- 2
CWE
- CWE-295
CVSS Metrics
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H