Mark S. C. Smith

**Name of the Vulnerable Software and Affected Versions** Apple Remote Desktop versions prior to 3.6.1 **Description** The issue allows remote attackers to obtain cleartext VNC session content by sniffing the network, due to the failure to recognize the "Encrypt all network data" setting during connections to third-party VNC servers. **Recommendations** For Apple Remote Desktop versions prior to 3.6.1, update to version 3.6.1 or later to resolve the issue.