Portal Portal Forum Forum Devolutions Force Devolutions Force RDM Online Services RDM Online Services Devolutions Hub Business Devolutions Hub Business Devolutions Hub Personal Devolutions Hub Personal Tools RDM RDM Web Login Web Login Workspace Workspace Launcher Launcher

Security & Compliance

Security & Compliance Reporting a Security Issue Advisories

DEVO-2023-0001

Summary

Remote Desktop Manager is affected by a low severity vulnerability.

Affected Products

Remote Desktop Manager 2022.3.29 to 2022.3.30.

Change Log

Initial publication - 2023-01-24

Severity

Low

Product

Remote Desktop Manager

Fix Version

2022.3.31

Offline mode MFA bypass

Description

The force offline MFA prompt setting is not respected when switching to offline mode in Devolutions Remote Desktop Manager 2022.3.29 to 2022.3.30 allows a user to save sensitive data on disk.

Remediation and Workarounds

Upgrade to Remote Desktop Manager 2022.3.31 and later.

Severity

Low - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Affected Products

Remote Desktop Manager 2022.3.29 to 2022.3.30.

CVE(s)

CVE-2023-0463