CVE-2024-11621
Published: 10 February 2025
Summary
CVE-2024-11621 is a high-severity Improper Certificate Validation (CWE-295) vulnerability in Devolutions Remote Desktop Manager. Its CVSS base score is 8.8 (High).
Operationally, it ranks at the 35.9th percentile by exploit likelihood (below the median), and it is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SC-17 (Public Key Infrastructure Certificates) and SC-8 (Transmission Confidentiality and Integrity).
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)
- SC-17 (Public Key Infrastructure Certificates): directly requires systems to validate PKI certificates by constructing certification paths to trust anchors, preventing the man-in-the-middle attacks that missing certificate validation makes possible.
- SI-2 (Flaw Remediation): mandates timely identification, reporting, and patching of system flaws such as this CVE, directly mitigating the missing certificate validation via vendor-provided updates.
- SC-8 (Transmission Confidentiality and Integrity): ensures confidentiality and integrity of transmitted information using cryptographic protections that depend on proper certificate validation to block interception and modification of remote desktop communications.
NVD Description
Missing certificate validation in Devolutions Remote Desktop Manager on macOS, iOS, Android, Linux allows an attacker to intercept and modify encrypted communications via a man-in-the-middle attack. Versions affected are: Remote Desktop Manager macOS 2024.3.9.0 and earlier, Remote Desktop Manager Linux 2024.3.2.5 and earlier, Remote Desktop Manager Android 2024.3.3.7 and earlier, Remote Desktop Manager iOS 2024.3.3.0 and earlier, Remote Desktop Manager Powershell 2024.3.6.0 and earlier.
Deeper analysis
CVE-2024-11621 is a missing certificate validation vulnerability (CWE-295) in Devolutions Remote Desktop Manager, affecting the macOS version 2024.3.9.0 and earlier, Linux version 2024.3.2.5 and earlier, Android version 2024.3.3.7 and earlier, iOS version 2024.3.3.0 and earlier, and PowerShell version 2024.3.6.0 and earlier. Published on 2025-02-10, it carries a CVSS v3.1 base score of 8.8 (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H). Because the client does not properly check the server certificate, an attacker can intercept and modify communications that the user believes to be encrypted end to end.
A remote, unauthenticated attacker can exploit this vulnerability by positioning themselves between the victim and the target server, such as through a malicious network or by tricking the user into connecting via a controlled proxy. User interaction is required, typically for the victim to initiate or accept a connection in the affected Remote Desktop Manager client. Successful exploitation allows the attacker to read sensitive data in transit and alter communications, resulting in high impacts to confidentiality, integrity, and availability.
Devolutions has published security advisory DEVO-2025-0001 at https://devolutions.net/security/advisories/DEVO-2025-0001/, which provides details on mitigation and patching instructions for affected versions.
Details
- CWE(s): CWE-295 (Improper Certificate Validation)