Inadequate validation of permissions when employing remote tools and macros within Devolutions Remote Desktop Manager versions 2023.2.19 and earlier permits a user to initiate a connection without proper execution rights via the remote tools feature.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HDevolutions Remote Desktop Manager
APPDevolutions≤ 2023.2.19
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
Auth Bypass
Related vulnerabilities
CVE-2026-2590CRITICAL9.8PL ✓ten sam produkt
Błędne egzekwowanie zakazu zapisywania haseł w Devolutions Remote Desktop Manager
CVE-2024-6057CRITICAL9.8PL ✓ten sam produkt
Pominięcie hasła master vault w Devolutions Remote Desktop Manager
CVE-2023-6593CRITICAL9.8PL ✓ten sam produkt
Pomijanie uprawnień po stronie klienta w Devolutions Remote Desktop Manager na iOS
CVE-2023-5766CRITICAL9.8ten sam produkt
A remote code execution vulnerability in Remote Desktop Manager 2023.2.33 and earlier on Windows allows an a...
CVE-2023-5765CRITICAL9.8ten sam produkt
Improper access control in the password analyzer feature in Devolutions Remote Desktop Manager 2023.2.33 and e...