Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2025-1193

Improper host validation in the certificate validation component in Devolutions Remote Desktop Manager on 2024.3.19 and earlier on Windows allows an attacker to intercept and modify encrypted communications via a man-in-the-middle attack by presenting a certificate for a different host.

Published

2025-02-10T14:15:30.107

Last Modified

2025-03-28T16:20:35.580

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 8.1 (HIGH)

Weaknesses

Type: Secondary
CWE-295
Type: Primary
CWE-295

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	devolutions	remote_desktop_manager	< 2024.3.20.0	Yes
Application	devolutions	remote_desktop_manager	< 2024.3.20.0	Yes

References

https://devolutions.net/security/advisories/DEVO-2025-0001/ Vendor Advisory ([email protected])