First published: Wed Dec 07 2022(Updated: )
Elevation of privilege in the Azure SQL Data Source in Devolutions Remote Desktop Manager 2022.3.13 to 2022.3.24 allows an authenticated user to spoof a privileged account.
Credit: security@devolutions.net
Affected Software | Affected Version | How to fix |
---|---|---|
Devolutions Remote Desktop Manager | >=2022.3.13<2022.3.26 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this elevation of privilege vulnerability is CVE-2022-3641.
The title of this vulnerability is 'Elevation of privilege in the Azure SQL Data Source in Devolutions Remote Desktop Manager 2022.3.13'.
The severity of CVE-2022-3641 is high with a CVSS score of 8.8.
Versions 2022.3.13 to 2022.3.24 of Devolutions Remote Desktop Manager are affected by CVE-2022-3641.
An authenticated user can exploit CVE-2022-3641 to spoof a privileged account.
More information about CVE-2022-3641 can be found at https://devolutions.net/security/advisories/DEVO-2022-0010.