Avis de sécurité

Sécurité et conformité

Nous respectons les normes les plus élevées pour protéger vos données et garantir la confiance.

Avis Signaler un problème de sécurité Centre de confiance

Retour à la liste

DEVO-2024-0004

Remote Desktop Manager is affected by multiple vulnerabilities.

Produits affectés

Remote Desktop Manager

Windows 2024.1.12 and earlier

Journal des modifications

2024-03-13 - Initial publication

5.9 Medium - CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

Terrapin vulnerability in Remote Desktop Manager

Remote Desktop Manager is affected by the Terrapin vulnerability in the following modules :

SSH Sessions.
Embedded OpenSSH client used for Powershell Remoting.

We have updated our implementations to include the security fixes.

For more information about the Terrapin vulnerability please consult the following :
https://terrapin-attack.com/

Produits affectés

CVE(s)

CVE-2023-48795

Mesures correctives et solutions de contournement

Upgrade to Remote Desktop Manager 2024.1.15 or higher

2.3 - Low CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

Improper cleanup in temporary file handling component.

Improper cleanup in temporary file handling component in Devolutions Remote Desktop Manager 2024.1.12 and earlier on Windows allows an attacker that compromised a user endpoint, under specific circumstances, to access sensitive information via residual files in the temporary directory.

Produits affectés

CVE(s)

CVE-2024-2403

Mesures correctives et solutions de contournement

Upgrade to Remote Desktop Manager 2024.1.15 or higher