Incomplete Permission Check in Devolutions Remote Desktop Manager (Before 2021.2.16): Bypassing Permissions via Batch Custom PowerShell

Incomplete Permission Check in Devolutions Remote Desktop Manager (Before 2021.2.16): Bypassing Permissions via Batch Custom PowerShell

CVE-2021-42098 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

An incomplete permission check on entries in Devolutions Remote Desktop Manager before 2021.2.16 allows attackers to bypass permissions via batch custom PowerShell.

Learn more about our Cis Benchmark Audit For Desktop Software.