Security & Compliance

DEVO-2023-0015

Zusammenfassung

Remote Desktop Manager Windows is affected by multiple security vulnerabilities.

Betroffene Produkte

Remote Desktop Manager Windows

Änderungsprotokoll

Initial Publication - 2023-08-21

Schweregrad

Medium

Produkt

Remote Desktop Manager Windows

Behobene Version

2023.2.22

Unauthorized Connection Exploit via Remote Tools in Remote Desktop Manager

Beschreibung

Inadequate validation of permissions when employing remote tools and macros within Devolutions Remote Desktop Manager versions 2023.2.19 and earlier permits a user to initiate a connection without proper execution rights via the remote tools feature.

Behebungen und Workarounds

Upgrade to Remote Desktop Manager Windows 2023.2.22 and higher.

Schweregrad

Medium - 3.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Betroffene Produkte

Remote Desktop Manager Windows 2023.2.19 and earlier.

CVE(s)

CVE-2023-4373

Incorrect vault used for the duplicate entry feature.

Beschreibung

Improper access controls in the entry duplication component in Devolutions Remote Desktop Manager 2023.2.19 and earlier versions on Windows allows an authenticated user, under specific circumstances, to inadvertently share their personal vault entry with shared vaults via an incorrect vault in the duplication write process.

Behebungen und Workarounds

Upgrade to Remote Desktop Manager Windows 2023.2.22 and higher.

Schweregrad

Medium - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N 5.7

Betroffene Produkte

Remote Desktop Manager Windows 2023.2.19 and earlier.

CVE(s)

CVE-2023-4417

Wir helfen Unternehmen dabei, das IT-Chaos zu meistern, indem wir Lösungen für Passwortverwaltung, Remoteverbindungen und privilegierte Zugriffsverwaltung bereitstellen.

DEVOLUTIONS

Sicherheit & Datenschutz | infos@devolutions.net

Alle Rechte vorbehalten © 2025 Devolutions