What the vulnerability does

01Description

Improper host validation in the certificate validation component in Devolutions Remote Desktop Manager on 2024.3.19 and earlier on Windows allows an attacker to intercept and modify encrypted communications via a man-in-the-middle attack by presenting a certificate for a different host.

Key dates

02Disclosure timeline

February 10, 2025 CVE published
February 10, 2025 Record updated