Skip to main content

Remote Desktop Manager CVE-2026-13372

| EUVDEUVD-2026-39832 HIGH
Use of Incorrectly-Resolved Name or Reference (CWE-706)
2026-06-26 DEVOLUTIONS GHSA-m8cj-qf2v-5g2q
7.2
CVSS 3.1 · Vendor: DEVOLUTIONS
Share

Severity by source

Vendor (DEVOLUTIONS) PRIMARY
7.2 HIGH
AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
vuln.today AI
7.1 HIGH

Shared workspace is networked (AV:N); needs collaborator write access not admin (PR:L); depends on a display-name collision plus victim running the link (AC:H, UI:R); arbitrary code in victim context yields C/I/A:H.

3.1 AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
4.0 AV:N/AC:H/AT:N/PR:L/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Primary rating from Vendor (DEVOLUTIONS).

CVSS VectorVendor: DEVOLUTIONS

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
High
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

4
Analysis Generated
Jun 26, 2026 - 21:30 vuln.today
CVSS changed
Jun 26, 2026 - 20:22 NVD
7.2 (HIGH)
Patch available
Jun 26, 2026 - 20:02 EUVD
CVE Published
Jun 26, 2026 - 18:22 cve.org
UNKNOWN (no severity yet)

DescriptionCVE.org

Incorrect link resolution by display name in the custom PowerShell VPN editor in Devolutions Remote Desktop Manager 2026.2.5 through 2026.2.11 allows an authenticated attacker with write access to a shared workspace to execute a PowerShell script in another user's context via a display name collision with an existing VPN script link.

AnalysisAI

Privilege/context escalation in Devolutions Remote Desktop Manager 2026.2.5 through 2026.2.11 lets an authenticated user with write access to a shared workspace plant a custom PowerShell VPN editor entry whose display name collides with an existing VPN script link, causing the attacker's PowerShell to run in another user's context when that link is resolved. The flaw stems from incorrect link resolution by display name (CWE-706) rather than a stable identifier, yielding total compromise of the victim's session (C:H/I:H/A:H). …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Authenticate as workspace collaborator
Delivery
Create PowerShell VPN entry with colliding display name
Exploit
Victim resolves VPN script link
Execution
RDM mis-resolves to attacker script
Persist
Execute PowerShell in victim context
Impact
Full session compromise

Vulnerability AssessmentAI

Exploitation Exploitation requires: (1) an authenticated attacker who already has write access to a shared RDM workspace/data source; (2) the existence of a legitimate VPN script link in that workspace whose display name the attacker can duplicate (the 'display name collision' is the core prerequisite); (3) use of the custom PowerShell VPN editor feature; and (4) affected versions 2026.2.5-2026.2.11. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment Vendor CVSS is 7.2 High with vector CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H, and CISA SSVC reports Exploitation: none, Automatable: no, Technical Impact: total - the signals are internally consistent: high impact but constrained reachability. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An attacker who is a trusted collaborator with write access to a shared RDM workspace creates a custom PowerShell VPN editor entry whose display name exactly matches an existing, legitimate VPN script link. When another user later invokes that VPN link, RDM resolves it by display name and executes the attacker's PowerShell in the victim's context, granting full code execution as that user. …
Remediation Upgrade Remote Desktop Manager to version 2026.2.11 or later, which is the fixed release per the Devolutions advisory DEVO-2026-0021 (https://devolutions.net/security/advisories/DEVO-2026-0021/); this is the primary and recommended fix. … Detailed patch versions, workarounds, and compensating controls in full report.

Recommended ActionAI

Within 24 hours: Inventory all systems running Remote Desktop Manager 2026.2.5-2026.2.11 and obtain the patched version from Devolutions; restrict shared workspace write permissions to administrative users only. …

Sign in for detailed remediation steps and compensating controls.

Threat intelligence, references, and detailed analysis are available after sign-in.

CVE-2024-6057 CRITICAL
9.8 Jun 17

Improper authentication in the vault password feature in Devolutions Remote Desktop Manager 2024.1.31.0 and earlier allo

CVE-2023-6593 CRITICAL
9.8 Dec 12

Client side permission bypass in Devolutions Remote Desktop Manager 2023.3.4.0 and earlier on iOS allows an attacker tha

CVE-2023-5766 CRITICAL
9.8 Nov 01

A remote code execution vulnerability in Remote Desktop Manager 2023.2.33 and earlier on Windows allows an attacker to r

CVE-2023-5765 CRITICAL
9.8 Nov 01

Improper access control in the password analyzer feature in Devolutions Remote Desktop Manager 2023.2.33 and earlier on

CVE-2023-4373 CRITICAL
9.8 Aug 21

Inadequate validation of permissions when employing remote tools and macros within Devolutions Remote Desktop Manager ve

CVE-2024-11621 HIGH
8.8 Feb 10

Missing certificate validation in Devolutions Remote Desktop Manager on macOS, iOS, Android, Linux allows an attacker to

CVE-2026-12161 HIGH
8.8 Jun 15

OS command injection in the SSH Elevate Shell feature of Devolutions Remote Desktop Manager up to 2026.2.7 lets an authe

CVE-2022-4287 HIGH
8.8 Dec 21

Authentication bypass in local application lock feature in Devolutions Remote Desktop Manager 2022.3.26 and earlier on W

CVE-2022-3641 HIGH
8.8 Dec 12

Elevation of privilege in the Azure SQL Data Source in Devolutions Remote Desktop Manager 2022.3.13 to 2022.3.24 allows

CVE-2021-42098 HIGH
8.8 Oct 18

An incomplete permission check on entries in Devolutions Remote Desktop Manager before 2021.2.16 allows attackers to byp

CVE-2025-1193 HIGH
8.1 Feb 10

Improper host validation in the certificate validation component in Devolutions Remote Desktop Manager on 2024.3.19 and

CVE-2024-12149 HIGH
8.1 Dec 04

Incorrect permission assignment in temporary access requests component in Devolutions Remote Desktop Manager 2024.3.19.0

Share

CVE-2026-13372 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy