Remote Code Execution Vulnerability Found in Remote Desktop Manager

    Recent findings have revealed that Remote Desktop Manager and Devolutions Server are grappling with significant security flaws. These flaws primarily involve improper access control and the potential for remote code execution. The industry has recognised these issues by allocating CVE identifiers: CVE-2023-5766, CVE-2023-5765, and CVE-2023-5358. They have received severity scores that range from medium to high.

    Remote Desktop Manager Under Threat

    System administrators rely on Remote Desktop Manager for remote system access across various platforms. However, a worrying vulnerability, tracked as CVE-2023-5766, affects all versions up to 2023.2.33 on Windows. This high-severity flaw allows threat actors to execute code remotely by sending a specially crafted TCP packet from another user session on the same host.

    Devolutions Server’s Password Analyzer Flaw

    Devolutions Server offers a self-hosted solution for managing privileged accounts and passwords within organizations. Yet, it’s not without its flaws. A flaw in the password analyzer feature of Devolutions Remote Desktop Manager, tracked as CVE-2023-5765, allows attackers to switch data sources and bypass permissions. This medium-severity issue affects versions up to 2023.2.33 on Windows.

    Exploitation of Report Log Filters

    Another medium-severity issue, CVE-2023-5358, impacts Devolutions Server’s report log filters in versions before 2023.2.10.0. Attackers can exploit this flaw to manipulate log extraction from vaults or control access to entries via the report request URL query parameters.

    Steps to Mitigate Risks

    To neutralize these threats, users must upgrade their software to the latest releases. For Remote Desktop Manager, versions 2023.3.20 or later address the vulnerabilities CVE-2023-5766 and CVE-2023-5765. Devolutions Server users should upgrade to version 2023.3.4.0 or later to secure against CVE-2023-5358.

    Users must adopt these upgrades promptly to shield against these vulnerabilities. Additionally, employing a robust Patch Manager Plus tool can further fortify defences by ensuring timely patching for over 850 third-party apps.
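
    The version bounds above can be checked against a software inventory. The following is an added example, not code from the article or from Devolutions; it also flags builds that fall between the stated affected range and the named fixed release. The function names, status labels and sample hosts are hypothetical, and the Remote Desktop Manager rows are assumed to be Windows installs.

```python
# Bounds as stated in the article: (comparison, affected bound, named fix, CVEs).
RULES = {
    "Remote Desktop Manager": ("<=", "2023.2.33", "2023.3.20",
                               ["CVE-2023-5766", "CVE-2023-5765"]),
    "Devolutions Server": ("<", "2023.2.10.0", "2023.3.4.0", ["CVE-2023-5358"]),
}

def parse_version(text):
    """'2023.2.33' -> (2023, 2, 33); ValueError on anything non-numeric."""
    parts = text.strip().split(".")
    if not all(p.isdigit() for p in parts):
        raise ValueError(f"unparseable version: {text!r}")
    return tuple(int(p) for p in parts)

def at_precision(version, bound):
    """Trim or zero-pad to the bound's length, so 2023.2.33.5 compares as 2023.2.33."""
    return (version + (0,) * len(bound))[:len(bound)]

def classify(product, version_text):
    """Return (status, cves) for one installed product."""
    rule = RULES.get(product)
    if rule is None:
        return "not-covered", []
    op, bound_text, fixed_text, cves = rule
    try:
        version = parse_version(version_text)
    except ValueError:
        return "review-manually", cves  # never report an unreadable version as safe
    bound, fixed = parse_version(bound_text), parse_version(fixed_text)
    head = at_precision(version, bound)
    if head < bound or (op == "<=" and head == bound):
        return "affected", cves
    if at_precision(version, fixed) < fixed:
        return "below-named-fix", []  # outside the stated range, older than the fix
    return "ok", []

def triage(inventory):
    """Map host -> (status, cves) for (host, product, version) rows."""
    return {host: classify(product, ver) for host, product, ver in inventory}

SAMPLE = [  # constructed inventory, hypothetical hosts and versions
    ("ws-01", "Remote Desktop Manager", "2023.2.33.5"),
    ("ws-02", "Remote Desktop Manager", "2023.3.12.0"),
    ("srv-01", "Devolutions Server", "2023.2.9.0"),
    ("srv-02", "Devolutions Server", "unknown"),
]

for host, (status, cves) in triage(SAMPLE).items():
    print(host, status, ",".join(cves))
```

    Hosts reported as below-named-fix are outside the ranges the article lists as affected but still older than the release it recommends, so they belong in the same upgrade batch.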
