Vulnerabilities > Devolutions > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-12 | CVE-2023-6593 | Incorrect Permission Assignment for Critical Resource vulnerability in Devolutions Remote Desktop Manager Client side permission bypass in Devolutions Remote Desktop Manager 2023.3.4.0 and earlier on iOS allows an attacker that has access to the application to execute entries in a SQL data source without restriction. | 9.8 |
| 2023-11-01 | CVE-2023-5765 | Unspecified vulnerability in Devolutions Remote Desktop Manager Improper access control in the password analyzer feature in Devolutions Remote Desktop Manager 2023.2.33 and earlier on Windows allows an attacker to bypass permissions via data source switching. | 9.8 |
| 2023-11-01 | CVE-2023-5766 | Unspecified vulnerability in Devolutions Remote Desktop Manager A remote code execution vulnerability in Remote Desktop Manager 2023.2.33 and earlier on Windows allows an attacker to remotely execute code from another windows user session on the same host via a specially crafted TCP packet. | 9.8 |
| 2023-08-21 | CVE-2023-4373 | Improper Authentication vulnerability in Devolutions Remote Desktop Manager Inadequate validation of permissions when employing remote tools and macros within Devolutions Remote Desktop Manager versions 2023.2.19 and earlier permits a user to initiate a connection without proper execution rights via the remote tools feature. | 9.8 |