Security & Compliance

DEVO-2022-0010

Summary

Elevation of privilege in the Azure SQL Data Source in Devolutions Remote Desktop Manager 2022.3.13 to 2022.3.24 allows an authenticated user to spoof a privileged account.

Affected Products

Remote Desktop Manager 2022.3.13 to 2022.3.24.

Change Log

Initial publication - 2022-12-7

Severity

Medium

Products

Remote Desktop Manager

Fix Version

2022.3.26

Remote Desktop Manager Azure SQL privilege escalation

Description

Elevation of privilege in the Azure SQL Data Source in Devolutions Remote Desktop Manager 2022.3.13 to 2022.3.24 allows an authenticated user to spoof a privileged account.

Remediation and Workarounds

Update to Remote Desktop Manager 2022.3.26 or higher.

Severity

High - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

Affected Products

Remote Desktop Manager 2022.3.13 to 2022.3.24

CVE(s)

CVE-2022-3641

Helping organizations control the IT chaos by providing highly-secure password, remote connection and privileged access management solutions.

DEVOLUTIONS

Legal & privacy | infos@devolutions.net

All rights reserved © 2025 Devolutions