CVE-2023-5765

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Nov 1, 2023
Updated: Nov 9, 2023

Summary

CVE-2023-5765 is a newly disclosed access control vulnerability affecting Devolutions Remote Desktop Manager 2023.2.33 and earlier versions on the Windows platform. The password analyzer feature in these versions contains a weakness, enabling unauthorized users to bypass permissions by manipulating data sources. This issue poses a significant risk, as it allows attackers to gain unauthorized access to sensitive data or systems. It is essential for users to update to the latest version or apply available patches to mitigate this vulnerability.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • Devolutions Remote Desktop Manager

Affected Vendors

  • Devolutions