First published: Tue Dec 20 2022(Updated: )
Authentication bypass in local application lock feature in Devolutions Remote Desktop Manager 2022.3.26 and earlier on Windows allows malicious user to access the application.
Credit: security@devolutions.net security@devolutions.net
Affected Software | Affected Version | How to fix |
---|---|---|
Devolutions Remote Desktop Manager | <2022.3.27 | |
<2022.3.27 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2022-4287 is a vulnerability in Devolutions Remote Desktop Manager 2022.3.26 and earlier on Windows, which allows a malicious user to bypass authentication and access the application.
CVE-2022-4287 has a severity rating of 8.8, which is classified as high.
CVE-2022-4287 affects Devolutions Remote Desktop Manager version 2022.3.26 and earlier on Windows.
A malicious user can exploit CVE-2022-4287 by bypassing authentication in the local application lock feature of Devolutions Remote Desktop Manager and gaining unauthorized access to the application.
At the time of writing, a fix for CVE-2022-4287 has not been released. It is recommended to follow the vendor's advisory for any updates or patches.