Severity by source
AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Shared workspace is networked (AV:N); needs collaborator write access not admin (PR:L); depends on a display-name collision plus victim running the link (AC:H, UI:R); arbitrary code in victim context yields C/I/A:H.
Primary rating from Vendor (DEVOLUTIONS).
CVSS VectorVendor: DEVOLUTIONS
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
4DescriptionCVE.org
Incorrect link resolution by display name in the custom PowerShell VPN editor in Devolutions Remote Desktop Manager 2026.2.5 through 2026.2.11 allows an authenticated attacker with write access to a shared workspace to execute a PowerShell script in another user's context via a display name collision with an existing VPN script link.
AnalysisAI
Privilege/context escalation in Devolutions Remote Desktop Manager 2026.2.5 through 2026.2.11 lets an authenticated user with write access to a shared workspace plant a custom PowerShell VPN editor entry whose display name collides with an existing VPN script link, causing the attacker's PowerShell to run in another user's context when that link is resolved. The flaw stems from incorrect link resolution by display name (CWE-706) rather than a stable identifier, yielding total compromise of the victim's session (C:H/I:H/A:H). …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | Exploitation requires: (1) an authenticated attacker who already has write access to a shared RDM workspace/data source; (2) the existence of a legitimate VPN script link in that workspace whose display name the attacker can duplicate (the 'display name collision' is the core prerequisite); (3) use of the custom PowerShell VPN editor feature; and (4) affected versions 2026.2.5-2026.2.11. … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | Vendor CVSS is 7.2 High with vector CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H, and CISA SSVC reports Exploitation: none, Automatable: no, Technical Impact: total - the signals are internally consistent: high impact but constrained reachability. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | An attacker who is a trusted collaborator with write access to a shared RDM workspace creates a custom PowerShell VPN editor entry whose display name exactly matches an existing, legitimate VPN script link. When another user later invokes that VPN link, RDM resolves it by display name and executes the attacker's PowerShell in the victim's context, granting full code execution as that user. … |
| Remediation | Upgrade Remote Desktop Manager to version 2026.2.11 or later, which is the fixed release per the Devolutions advisory DEVO-2026-0021 (https://devolutions.net/security/advisories/DEVO-2026-0021/); this is the primary and recommended fix. … Detailed patch versions, workarounds, and compensating controls in full report. |
Recommended ActionAI
Within 24 hours: Inventory all systems running Remote Desktop Manager 2026.2.5-2026.2.11 and obtain the patched version from Devolutions; restrict shared workspace write permissions to administrative users only. …
Sign in for detailed remediation steps and compensating controls.
Threat intelligence, references, and detailed analysis are available after sign-in.
More in Remote Desktop Manager
View allImproper authentication in the vault password feature in Devolutions Remote Desktop Manager 2024.1.31.0 and earlier allo
Client side permission bypass in Devolutions Remote Desktop Manager 2023.3.4.0 and earlier on iOS allows an attacker tha
A remote code execution vulnerability in Remote Desktop Manager 2023.2.33 and earlier on Windows allows an attacker to r
Improper access control in the password analyzer feature in Devolutions Remote Desktop Manager 2023.2.33 and earlier on
Inadequate validation of permissions when employing remote tools and macros within Devolutions Remote Desktop Manager ve
Missing certificate validation in Devolutions Remote Desktop Manager on macOS, iOS, Android, Linux allows an attacker to
OS command injection in the SSH Elevate Shell feature of Devolutions Remote Desktop Manager up to 2026.2.7 lets an authe
Authentication bypass in local application lock feature in Devolutions Remote Desktop Manager 2022.3.26 and earlier on W
Elevation of privilege in the Azure SQL Data Source in Devolutions Remote Desktop Manager 2022.3.13 to 2022.3.24 allows
An incomplete permission check on entries in Devolutions Remote Desktop Manager before 2021.2.16 allows attackers to byp
Improper host validation in the certificate validation component in Devolutions Remote Desktop Manager on 2024.3.19 and
Incorrect permission assignment in temporary access requests component in Devolutions Remote Desktop Manager 2024.3.19.0
Same technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-39832
GHSA-m8cj-qf2v-5g2q