First published: Mon Oct 18 2021(Updated: )
An incomplete permission check on entries in Devolutions Remote Desktop Manager before 2021.2.16 allows attackers to bypass permissions via batch custom PowerShell.
Credit: security@devolutions.net security@devolutions.net
Affected Software | Affected Version | How to fix |
---|---|---|
Devolutions Remote Desktop Manager | <2021.2.16 | |
<2021.2.16 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The severity of CVE-2021-42098 is high, with a CVSS score of 8.8.
CVE-2021-42098 allows attackers to bypass permissions in Devolutions Remote Desktop Manager before version 2021.2.16.
The affected software for CVE-2021-42098 is Devolutions Remote Desktop Manager before version 2021.2.16.
Attackers can exploit CVE-2021-42098 by using batch custom PowerShell to bypass permissions in Devolutions Remote Desktop Manager before version 2021.2.16.
Yes, the fix for CVE-2021-42098 is to update Devolutions Remote Desktop Manager to version 2021.2.16 or later.