Improper Access Controls in Entry Duplication Component of Devolutions Remote Desktop Manager: Unauthorized Sharing of Personal Vault Entry

Improper Access Controls in Entry Duplication Component of Devolutions Remote Desktop Manager: Unauthorized Sharing of Personal Vault Entry

CVE-2023-4417 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Improper access controls in the entry duplication component in Devolutions Remote Desktop Manager 2023.2.19 and earlier versions on Windows allows an authenticated user, under specific circumstances, to inadvertently share their personal vault entry with shared vaults via an incorrect vault in the duplication write process.

Learn more about our Cis Benchmark Audit For Desktop Software.