Attackers Can Access Sensitive Information via Residual Files in Temporary Directory
CVE-2024-2403

5.9MEDIUM

Key Information:

Vendor: Devolutions
Status: Remote Desktop Manager
Vendor: CVE Published:; 13 March 2024

What is CVE-2024-2403?

Improper cleanup in temporary file handling component in Devolutions Remote Desktop Manager 2024.1.12 and earlier on Windows allows an attacker that compromised a user endpoint, under specific circumstances, to access sensitive information via residual files in the temporary directory.

Affected Version(s)

Remote Desktop Manager Windows 0 <= 2024.1.12

References

https://devolutions.net/security/advisories/DEVO-2024-0004

CVSS V3.1

Score:

5.9

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Mar 13, 2024
Vulnerability Reserved
Mar 12, 2024