CVE-2026-3012

EUVD-2026-32211

27.05.2026, 11:16

A flaw was found in Samba’s certificate auto-enrollment Group Policy handling. When certificate auto-enrollment is enabled, Samba may retrieve a CA certificate over an unencrypted HTTP connection and install it into the local trust store without proper verification. An attacker with the ability to intercept or redirect network traffic could exploit this behavior to supply a malicious certificate authority certificate, potentially allowing interception or spoofing of trusted communications.

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	8 HIGH	ADJACENT_NETWORK	HIGH	NONE	CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N

Awaiting analysis

This vulnerability is currently awaiting analysis.

Base Score

CVSS 3.x

EPSS Score

Percentile: Unknown

Debian Releases

Debian Product

Codename

samba

bookworm	vulnerable
bookworm (security)	2:4.17.12+dfsg-0+deb12u4 fixed
bullseye	vulnerable
bullseye (security)	vulnerable
forky	vulnerable
sid	2:4.24.3+dfsg-1 fixed
trixie	vulnerable
trixie (security)	2:4.22.8+dfsg-0+deb13u2 fixed

Common Weakness Enumeration

CWE-345 - Insufficient Verification of Data Authenticity
The software does not sufficiently verify the origin or authenticity of data, in a way that causes it to accept invalid data.

Vulnerability Media Exposure

[GERMAN] Samba: Mehrere Schwachstellen
Ein Angreifer kann mehrere Schwachstellen in Samba ausnutzen, um beliebigen Programmcode auszuführen, um einen Denial of Service Angriff durchzuführen, um Dateien zu manipulieren, und um Sicherheitsvorkehrungen zu umgehen.
Published: 2026-05-26T22:00:00+00:00

References

https://access.redhat.com/security/cve/CVE-2026-3012

https://bugzilla.redhat.com/show_bug.cgi?id=2447319

https://bugzilla.samba.org/show_bug.cgi?id=16003