Devolutions Remote Desktop Manager Windows Improper Host Validation Vulnerability Allowing Man-in-the-Middle Attacks

Vulnerability

A vulnerability exists in Devolutions Remote Desktop Manager for Windows, specifically in versions through 2024.3.19, due to improper host validation in the certificate validation component. This flaw allows attackers to intercept and modify encrypted communications by presenting a certificate for a different host, effectively executing a man-in-the-middle attack.
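The class of check this entry describes, as an added example (not Devolutions' code and not from the original page): a certificate with a trusted chain must also name the host the client intended to reach. The function names and the `example.test` SAN values are constructed for illustration, and only dNSName entries are handled (no IP addresses or internationalized names).

```python
# Added illustration of host validation alongside chain validation.
# Assumption: the caller has already verified the chain and extracted the
# dNSName subjectAltName entries; all sample names here are constructed.


def match_dns_name(pattern, host):
    """Match one dNSName SAN entry against the expected host name."""
    p_labels = pattern.lower().rstrip(".").split(".")
    h_labels = host.lower().rstrip(".").split(".")
    if len(p_labels) != len(h_labels) or "" in h_labels:
        return False
    if p_labels[0] == "*":
        # Wildcard only as the whole left-most label, covering exactly one
        # label, and never directly under a top-level domain ("*.test").
        return len(p_labels) >= 3 and p_labels[1:] == h_labels[1:]
    if any("*" in label for label in p_labels):
        return False  # partial or non-leftmost wildcards are rejected
    return p_labels == h_labels


def chain_only_check(chain_trusted, san_dns_names, expected_host):
    """Flawed variant: any certificate with a trusted chain is accepted."""
    return chain_trusted


def certificate_acceptable(chain_trusted, san_dns_names, expected_host):
    """Correct variant: trusted chain AND a SAN that names the expected host."""
    if not chain_trusted:
        return False
    return any(match_dns_name(name, expected_host) for name in san_dns_names)


if __name__ == "__main__":
    expected = "rdm.example.test"          # host the client meant to reach
    other_host_cert = ["other.example.test"]  # valid chain, wrong subject
    print("chain only :", chain_only_check(True, other_host_cert, expected))
    print("chain+host :", certificate_acceptable(True, other_host_cert, expected))
```
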

Impact

Exploitation of this vulnerability allows for interception and modification of encrypted communications, creating a man-in-the-middle attack scenario.

Remediation

Users can upgrade to Devolutions Remote Desktop Manager for Windows version 2024.3.20.0 or higher to address this vulnerability.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread: 2.4
impact: 5.0
exploitability: 4.0
remediation: 7.7
relevance: 0.0
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.