Devolutions Remote Desktop Manager Missing Certificate Validation Vulnerability

Vulnerability

A vulnerability exists in Devolutions Remote Desktop Manager across multiple platforms, including macOS, iOS, Android, and Linux, due to missing certificate validation. Because the certificate is not validated, an attacker in a man-in-the-middle position can intercept and modify encrypted communications. The issue is present in Remote Desktop Manager macOS through 2024.3.9.0, Linux through 2024.3.2.5, Android through 2024.3.3.7, iOS through 2024.3.3.0, and PowerShell through 2024.3.6.0.

Impact

Exploitation of this vulnerability enables man-in-the-middle attacks, where an attacker can intercept and alter encrypted communications between the user and the remote service.

Remediation

Users can upgrade to Devolutions Remote Desktop Manager macOS version 2024.3.10.3 or higher, Remote Desktop Manager Linux version 2024.3.2.9 or higher, Remote Desktop Manager Android version 2024.3.4.2 or higher, Remote Desktop Manager iOS version 2024.3.4.0 or higher, or Remote Desktop Manager PowerShell version 2024.3.7.0 or higher.
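
The version ranges above can be checked against an asset inventory. The following is an added example, not code from Devolutions or from this advisory's publisher; the "host,platform,version" inventory format and the host names are assumptions made for illustration, while the version thresholds are the ones stated in the text above.

```python
# Added example: thresholds are copied from the advisory text above;
# the inventory format and sample hosts are constructed for illustration.
ADVISORY = {  # platform: (last affected version, first fixed version)
    "macos": ("2024.3.9.0", "2024.3.10.3"),
    "linux": ("2024.3.2.5", "2024.3.2.9"),
    "android": ("2024.3.3.7", "2024.3.4.2"),
    "ios": ("2024.3.3.0", "2024.3.4.0"),
    "powershell": ("2024.3.6.0", "2024.3.7.0"),
}

def parse_version(text):
    """Turn '2024.3.10.3' into (2024, 3, 10, 3) so 10 sorts after 9 (numeric, not lexical)."""
    return tuple(int(part) for part in text.strip().split("."))

def triage(platform, version):
    """Return 'vulnerable', 'fixed', 'unlisted' or 'unknown-platform'."""
    key = platform.strip().lower()
    if key not in ADVISORY:
        return "unknown-platform"  # platform not named in the advisory
    last_affected, first_fixed = ADVISORY[key]
    installed = parse_version(version)
    if installed <= parse_version(last_affected):
        return "vulnerable"
    if installed >= parse_version(first_fixed):
        return "fixed"
    # Builds between the two thresholds are not covered by the advisory text.
    return "unlisted"

def triage_inventory(lines):
    """Each line is 'host,platform,version' (hypothetical export format)."""
    results = {}
    for line in lines:
        host, platform, version = (field.strip() for field in line.split(","))
        results[host] = triage(platform, version)
    return results

SAMPLE_INVENTORY = [  # constructed hosts and versions
    "mac-01,macOS,2024.3.9.0",
    "mac-02,macOS,2024.3.10.3",
    "lnx-01,Linux,2024.3.2.7",
    "ios-01,iOS,2024.2.9.9",
    "win-01,Windows,2024.3.20.0",
]

if __name__ == "__main__":
    for host, status in triage_inventory(SAMPLE_INVENTORY).items():
        print(f"{host}: {status}")
```

Hosts reported as "unlisted" run a build between the last affected and first fixed versions; treat them as needing the upgrade until the vendor states otherwise.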

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread: 2.4
impact: 2.5
exploitability: 4.0
remediation: 7.7
relevance: 0.0
threat: 0.0
urgency: 2.9
incentive: 0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.