CVE-2022-4287 : Authentication bypass in local application lock feature in Devolutions Remote De

Authentication bypass in local application lock feature in Devolutions Remote Desktop Manager 2022.3.26 and earlier on Windows allows malicious user to access the application.

Published 2022-12-21 17:15:10

Updated 2025-04-14 19:15:35

Source Devolutions Inc.

View at NVD, CVE.org

Products affected by CVE-2022-4287

Devolutions » Remote Desktop Manager
Versions before (<) 2022.3.27
cpe:2.3:a:devolutions:remote_desktop_manager:*:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2022-4287

EPSS FAQ

0.12%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 28 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2022-4287

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
8.8	HIGH	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H	2.8	5.9	134c704f-9b21-4f2e-91b3-4a467353bcc0	2025-04-14
Attack Vector: Network Attack Complexity: Low Privileges Required: Low User Interaction: None Scope: Unchanged Confidentiality: High Integrity: High Availability: High
8.8	HIGH	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H	2.8	5.9	NIST
Attack Vector: Network Attack Complexity: Low Privileges Required: Low User Interaction: None Scope: Unchanged Confidentiality: High Integrity: High Availability: High

References for CVE-2022-4287

https://devolutions.net/security/advisories/DEVO-2022-0011

DEVO-2022-0011 - Devolutions
Vendor Advisory

Jump to

Vulnerability Details : CVE-2022-4287

Products affected by CVE-2022-4287

Exploit prediction scoring system (EPSS) score for CVE-2022-4287

CVSS scores for CVE-2022-4287

References for CVE-2022-4287