CVE-2024-11670 Information

Nov 26, 2024 cve

Description

Incorrect authorization in the permission validation component of Devolutions Remote Desktop Manager 2024.2.21 and earlier on Windows allows a malicious authenticated user to bypass the \View Password\ permission via specific actions.

Reference

https://devolutions.net/security/advisories/DEVO-2024-0015

Share on: