Vulnerability in Devolutions Remote Desktop Manager

CVE-2024-6354

Improper access control in PAM dashboard in Devolutions Remote Desktop Manager 2024.2.11 and earlier on Windows allows an authenticated user to bypass the execute permission via the use of the PAM dashboard.

EPSS: 0.001 (31.5th percentile)

Frequently asked questions

What is CVE-2024-6354?
CVE-2024-6354 is a vulnerability in Devolutions Remote Desktop Manager. It was published on 2024-06-26.

Is CVE-2024-6354 known to be exploited?
1 public proof-of-concept repository is indexed. The CVE is not currently listed in the CISA KEV catalog.