Vulnerability Description
Improper access control in the password analyzer feature in Devolutions Remote Desktop Manager 2023.2.33 and earlier on Windows allows an attacker to bypass permissions via data source switching.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Devolutions | Remote Desktop Manager | <= 2023.2.33 |
| Microsoft | Windows | - |
References
- https://devolutions.net/security/advisories/DEVO-2023-0019/Vendor Advisory
- https://devolutions.net/security/advisories/DEVO-2023-0019/Vendor Advisory
FAQ
What is CVE-2023-5765?
CVE-2023-5765 is a vulnerability with a CVSS score of 9.8 (CRITICAL). Improper access control in the password analyzer feature in Devolutions Remote Desktop Manager 2023.2.33 and earlier on Windows allows an attacker to bypass permissions via data source switching.
How severe is CVE-2023-5765?
CVE-2023-5765 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2023-5765?
Check the references section above for vendor advisories and patch information. Affected products include: Devolutions Remote Desktop Manager, Microsoft Windows.