Security & Compliance

DEVO-2023-0023

Summary

Remote Desktop Manager iOS is affected by a vulnerability.

Affected Products

Remote Desktop Manager iOS 2023.3.4.0 and earlier

Change Log

2023-12-12 - Initial publication

Severity

Low

Product

Remote Desktop Manager iOS

Fix Version

2023.3.5.0

Client side permission bypass in Remote Desktop Manager iOS

Description

Client side permission bypass in Devolutions Remote Desktop Manager 2023.3.4.0 and earlier on iOS allows an attacker that has access to the application to execute entries in a SQL data source without restriction.

Remediation and Workarounds

Upgrade to Remote Desktop Manager iOS 2023.3.5.0 or higher

Severity

2.0 Low - CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/U:Green

Affected Products

Remote Desktop Manager iOS 2023.3.4.0 and earlier

CVE(s)

CVE-2023-6593