Follow Devolutions Security Advisories, filter it, and define how you want to receive the news (via Email, RSS, Telegram, WhatsApp etc.) https://follow.it/devolutions-security-advisories Mon, 02 Oct 2023 19:23:08 +0200 https://api.follow.it/track-rss-story-click/v3/ipv4Lh8GHveXy9VAsIm1DSxhxzpi7FpJ The embedded chromium browser component used by Remote Desktop Manager is currently affected by a critical security vulnerability. The vulnerability (CVE-2023-4863) is in the libwebp library used by the chromium engine. This component is managed by a third-party and can't be patched on our end. **We advise not to use the embedded chrome browser in the web site entries and switch to another browser such as Microsoft Edge in the meantime. You can switch browser by editing the entry and changing the Web browser property to Microsoft Edge. By default, RDM uses Microsoft Edge if the default configuration hasn't been modified.** We are actively working with the third party software company to get this fix out as soon as possible. This advisory will be updated consequently. We recently released a new Remote Desktop Manager Windows version (2023.2.32) to fix the use of a component (SkiaSharp) also affected by the same vulnerability and recommend updating to it as soon as possible. SkiaSharp component is used for rendering images in our products.]]> Mon, 02 Oct 2023 15:01:50 +0200 https://api.follow.it/track-rss-story-click/v3/ipv4Lh8GHveXy9VAsIm1DSxhxzpi7FpJ https://api.follow.it/track-rss-story-click/v3/ipv4Lh8GHvfgWEOscY9LNt3hDS9njgCr Remote Desktop Manager Windows is affected by multiple security vulnerabilities.]]> Tue, 15 Aug 2023 16:17:04 +0200 https://api.follow.it/track-rss-story-click/v3/ipv4Lh8GHvfgWEOscY9LNt3hDS9njgCr https://api.follow.it/track-rss-story-click/v3/ipv4Lh8GHveo8DRGbhdXYKrkJyTkC_2b Devolutions Server is affected by a security vulnerability.]]> Tue, 20 Jun 2023 16:08:52 +0200 https://api.follow.it/track-rss-story-click/v3/ipv4Lh8GHveo8DRGbhdXYKrkJyTkC_2b https://api.follow.it/track-rss-story-click/v3/ipv4Lh8GHvd7AbQve7-lLLb9ICM-PHur Devolutions Server subscription functionality is affected by a security vulnerability]]> Tue, 02 May 2023 15:07:45 +0200 https://api.follow.it/track-rss-story-click/v3/ipv4Lh8GHvd7AbQve7-lLLb9ICM-PHur https://api.follow.it/track-rss-story-click/v3/ipv4Lh8GHvdFiwU1-nw-wd3hDS9njgCr Remote Desktop Manager Windows is affected by a security vulnerability.]]> Tue, 25 Apr 2023 18:06:15 +0200 https://api.follow.it/track-rss-story-click/v3/ipv4Lh8GHvdFiwU1-nw-wd3hDS9njgCr https://api.follow.it/track-rss-story-click/v3/ipv4Lh8GHvdFiwU1-nw-wRtLdxSOwF-n Workspace Desktop application is affected by a security vulnerability.]]> Mon, 24 Apr 2023 19:15:08 +0200 https://api.follow.it/track-rss-story-click/v3/ipv4Lh8GHvdFiwU1-nw-wRtLdxSOwF-n https://api.follow.it/track-rss-story-click/v3/ipv4Lh8GHvc_NLmMug9HoGnhpmeYcemU Devolutions Server support ticked endpoints are affected by a security vulnerability.]]> Mon, 17 Apr 2023 15:11:47 +0200 https://api.follow.it/track-rss-story-click/v3/ipv4Lh8GHvc_NLmMug9HoGnhpmeYcemU https://api.follow.it/track-rss-story-click/v3/ipv4Lh8GHvdWC_xf9HCaJ6rkJyTkC_2b Remote Desktop Manager is affected by multiple security vulnerabilities.]]> Tue, 11 Apr 2023 19:40:52 +0200 https://api.follow.it/track-rss-story-click/v3/ipv4Lh8GHvdWC_xf9HCaJ6rkJyTkC_2b https://api.follow.it/track-rss-story-click/v3/ipv4Lh8GHveCOh5OPON4B2nhpmeYcemU Devolutions Server and Remote Desktop Manager are affected by multiple security vulnerabilities.]]> Thu, 23 Mar 2023 16:57:13 +0200 https://api.follow.it/track-rss-story-click/v3/ipv4Lh8GHveCOh5OPON4B2nhpmeYcemU https://api.follow.it/track-rss-story-click/v3/ipv4Lh8GHvetdSSfVV1Z3HMq2h3ehXEp Devolutions Gateway is affected by a vulnerability.]]> Wed, 22 Mar 2023 19:55:55 +0200 https://api.follow.it/track-rss-story-click/v3/ipv4Lh8GHvetdSSfVV1Z3HMq2h3ehXEp https://api.follow.it/track-rss-story-click/v3/ipv4Lh8GHvcZ1p9i9wMF6AX50KYzL9tX Remote Desktop Manager MSSQL data source is affected by a vulnerability.]]> Wed, 22 Mar 2023 14:40:31 +0200 https://api.follow.it/track-rss-story-click/v3/ipv4Lh8GHvcZ1p9i9wMF6AX50KYzL9tX https://api.follow.it/track-rss-story-click/v3/ipv4Lh8GHvf4892ebHopUmhamfNIiY2W Devolutions Server secure messages feature is affected by a security vulnerability.]]> Mon, 06 Mar 2023 19:07:34 +0200 https://api.follow.it/track-rss-story-click/v3/ipv4Lh8GHvf4892ebHopUmhamfNIiY2W https://api.follow.it/track-rss-story-click/v3/ipv4Lh8GHveUORY0lRSYnYeLGixeGJZp The Hub Business submodule of the Remote Desktop Manager PowerShell module is affected by a vulnerability.]]> Mon, 06 Mar 2023 18:31:25 +0200 https://api.follow.it/track-rss-story-click/v3/ipv4Lh8GHveUORY0lRSYnYeLGixeGJZp https://api.follow.it/track-rss-story-click/v3/ipv4Lh8GHvdZfDauNx4zPOQEmsPXZ5C9 Devolutions Server is affected by multiple security vulnerabilities.]]> Wed, 22 Feb 2023 15:38:01 +0200 https://api.follow.it/track-rss-story-click/v3/ipv4Lh8GHvdZfDauNx4zPOQEmsPXZ5C9 https://api.follow.it/track-rss-story-click/v3/ipv4Lh8GHvf2BAJNCCN3nheIF_fEM9tn Devolutions Server is affected by a security vulnerability.]]> Fri, 03 Feb 2023 17:46:29 +0200 https://api.follow.it/track-rss-story-click/v3/ipv4Lh8GHvf2BAJNCCN3nheIF_fEM9tn https://api.follow.it/track-rss-story-click/v3/ipv4Lh8GHvdkkqW9-KFwyqbel3Iu4GjH Remote Desktop Manager is affected by a low severity vulnerability.]]> Tue, 24 Jan 2023 18:36:40 +0200 https://api.follow.it/track-rss-story-click/v3/ipv4Lh8GHvdkkqW9-KFwyqbel3Iu4GjH https://api.follow.it/track-rss-story-click/v3/ipv4Lh8GHvdN8Gp1GIn0hrmyhX6zo8SW Authentication bypass in local application lock feature in Devolutions Remote Desktop Manager  2022.3.26 and earlier on Windows allows malicious user to access the application.]]> Tue, 20 Dec 2022 16:11:45 +0200 https://api.follow.it/track-rss-story-click/v3/ipv4Lh8GHvdN8Gp1GIn0hrmyhX6zo8SW https://api.follow.it/track-rss-story-click/v3/ipv4Lh8GHvcv403LA8BVSi1Ly282xAAw Elevation of privilege in the Azure SQL Data Source in Devolutions Remote Desktop Manager 2022.3.13 to 2022.3.24 allows an authenticated user to spoof a privileged account.]]> Wed, 07 Dec 2022 16:27:10 +0200 https://api.follow.it/track-rss-story-click/v3/ipv4Lh8GHvcv403LA8BVSi1Ly282xAAw https://api.follow.it/track-rss-story-click/v3/ipv4Lh8GHveqQappK1yNyGW0GqTRQSgk The MSI installers for Devolutions Server Console and Remote Desktop Manager were vulnerable to a local privilege escalation. This issue is caused by a vulnerability in the Advanced Installer product. The following Advanced Installer release fixes this issue : https://www.advancedinstaller.com/release-20.1.html]]> Thu, 17 Nov 2022 23:07:01 +0200 https://api.follow.it/track-rss-story-click/v3/ipv4Lh8GHveqQappK1yNyGW0GqTRQSgk https://api.follow.it/track-rss-story-click/v3/ipv4Lh8GHveqQappK1yNyM4HQhe4ZUzd Dashlane password and Keepass Server password in My Account Settings is stored unencrypted in the database.]]> Mon, 31 Oct 2022 22:19:38 +0200 https://api.follow.it/track-rss-story-click/v3/ipv4Lh8GHveqQappK1yNyM4HQhe4ZUzd