Authorization Bypass in Devolutions Remote Desktop Manager for Windows
CVE-2024-11672

Currently unrated

Key Information:

Vendor: Devolutions
Status: Remote Desktop Manager
Vendor: CVE Published:; 25 November 2024

🔔 Create Devolutions Vulnerability Alert

What is CVE-2024-11672?

The Devolutions Remote Desktop Manager on Windows has a flaw in its add permission component that allows an authenticated user to bypass the 'Add' permission when using the import feature in the vault. This vulnerability opens the door for potential unauthorized access, enabling malicious users to manipulate permissions and access sensitive data without proper authorization.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://devolutions.net/security/advisories/DEVO-2024-0016

Timeline

Vulnerability published
Nov 25, 2024

JSON

Devolutions

What is CVE-2024-11672?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

References

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.