PT-2025-6043 · Devolutions · Devolutions Remote Desktop Manager

Published: 2025-02-10 · Updated: 2025-02-14 · CVE-2024-11621

CVSS v3.1: 8.8 (High)

Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Devolutions Remote Desktop Manager macOS versions 2024.3.9.0 and earlier
Devolutions Remote Desktop Manager Linux versions 2024.3.2.5 and earlier
Devolutions Remote Desktop Manager Android versions 2024.3.3.7 and earlier
Devolutions Remote Desktop Manager iOS versions 2024.3.3.0 and earlier
Devolutions Remote Desktop Manager PowerShell versions 2024.3.6.0 and earlier

Description

The issue is missing certificate validation in Devolutions Remote Desktop Manager, which allows an attacker to intercept and modify encrypted communications via a man-in-the-middle attack. It affects the software on macOS, iOS, Android, Linux, and PowerShell.

Recommendations

For Devolutions Remote Desktop Manager macOS versions 2024.3.9.0 and earlier, update to a version later than 2024.3.9.0 to resolve the issue.
For Devolutions Remote Desktop Manager Linux versions 2024.3.2.5 and earlier, update to a version later than 2024.3.2.5 to resolve the issue.
For Devolutions Remote Desktop Manager Android versions 2024.3.3.7 and earlier, update to a version later than 2024.3.3.7 to resolve the issue.
For Devolutions Remote Desktop Manager iOS versions 2024.3.3.0 and earlier, update to a version later than 2024.3.3.0 to resolve the issue.
For Devolutions Remote Desktop Manager PowerShell versions 2024.3.6.0 and earlier, update to a version later than 2024.3.6.0 to resolve the issue.

Fix

Improper Certificate Validation

Weakness Enumeration

Related Identifiers

CVE-2024-11621

Affected Products

Devolutions Remote Desktop Manager