Attackers Can Steal PowerShell Credentials via Data Source Export Feature
CVE-2024-6055

Currently unrated

Key Information:

Vendor: Devolutions
Status: Remote Desktop Manager
Vendor: CVE Published:; 17 June 2024

🔔 Create Devolutions Vulnerability Alert

What is CVE-2024-6055?

Improper removal of sensitive information in data source export feature in Devolutions Remote Desktop Manager 2024.1.32.0 and earlier on Windows allows an attacker that obtains the exported settings to recover powershell credentials configured on the data source via stealing the configuration file.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Remote Desktop Manager 0 <= 2024.1.32.0

References

https://devolutions.net/security/advisories/DEVO-2024-0008

Timeline

Vulnerability published
Jun 17, 2024
Vulnerability Reserved
Jun 17, 2024

JSON

Devolutions

What is CVE-2024-6055?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.