CVE-2024-12149
CVSS 3.1 Score 8.1 of 10 (high)
Details
Summary
CVE-2024-12149 is a vulnerability affecting Devolutions Remote Desktop Manager 2024.3.19.0 and earlier versions on Windows. This issue arises from incorrect permission assignments in the temporary access requests component. An authenticated user can exploit this vulnerability to obtain more privileges than originally requested when making temporary permission requests. This misconfiguration poses a potential security risk, allowing unauthorized access or privilege escalation. Users are advised to update to the latest version of Devolutions Remote Desktop Manager to mitigate this vulnerability.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Affected Products
- Devolutions Remote Desktop Manager
Affected Vendors
- Devolutions