Headline
CVE-2023-6593: Devolutions
Client side permission bypass in Devolutions Remote Desktop Manager 2023.3.4.0 and earlier on iOS allows an attacker that has access to the application to execute entries in a SQL data source without restriction.
DEVO-2023-0023****Summary
Remote Desktop Manager iOS is affected by a vulnerability.
Affected Products
Remote Desktop Manager iOS 2023.3.4.0 and earlier
Change Log
2023-12-12 - Initial publication
Severity
Low
Product
Remote Desktop Manager iOS
Fix Version
2023.3.5.0
Client side permission bypass in Remote Desktop Manager iOS****Description
Client side permission bypass in Devolutions Remote Desktop Manager 2023.3.4.0 and earlier on iOS allows an attacker that has access to the application to execute entries in a SQL data source without restriction.
Remediation and Workarounds
Upgrade to Remote Desktop Manager iOS 2023.3.5.0 or higher
Severity
2.3 Low - CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/U:Green
Affected Products
Remote Desktop Manager iOS 2023.3.4.0 and earlier
CVE(s)
CVE-2023-6593