CRITICAL🇵🇱 Wersja polska

CVE-2023-4373

CVSS 9.8v3.1pub. 2023-08-21upd. 2024-11-21

Inadequate validation of permissions when employing remote tools and macros within Devolutions Remote Desktop Manager versions 2023.2.19 and earlier permits a user to initiate a connection without proper execution rights via the remote tools feature.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Devolutions Remote Desktop Manager

    APP
    Devolutions
    ≤ 2023.2.19
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
Auth Bypass
CWE
References

Related vulnerabilities

CVE-2026-2590CRITICAL9.8PL ✓ten sam produkt

Błędne egzekwowanie zakazu zapisywania haseł w Devolutions Remote Desktop Manager

CVE-2024-6057CRITICAL9.8PL ✓ten sam produkt

Pominięcie hasła master vault w Devolutions Remote Desktop Manager

CVE-2023-6593CRITICAL9.8PL ✓ten sam produkt

Pomijanie uprawnień po stronie klienta w Devolutions Remote Desktop Manager na iOS

CVE-2023-5766CRITICAL9.8ten sam produkt

A remote code execution vulnerability in Remote Desktop Manager 2023.2.33 and earlier on Windows allows an a...

CVE-2023-5765CRITICAL9.8ten sam produkt

Improper access control in the password analyzer feature in Devolutions Remote Desktop Manager 2023.2.33 and e...