CVE-2025-1193
Published: 10 February 2025
Description
Improper host validation in the certificate validation component in Devolutions Remote Desktop Manager on 2024.3.19 and earlier on Windows allows an attacker to intercept and modify encrypted communications via a man-in-the-middle attack by presenting a certificate for a different host.
Security Summary
CVE-2025-1193, published on 2025-02-10, is an improper certificate validation vulnerability (CWE-295) in the certificate validation component of Devolutions Remote Desktop Manager versions 2024.3.19 and earlier on Windows. The client does not verify that the name in the presented certificate matches the host it is connecting to, so an attacker in a man-in-the-middle (MITM) position can present a certificate issued for a different host and have it accepted, allowing interception and modification of communications the user believes are protected by TLS. It carries a CVSS v3.1 base score of 8.1 (AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N): high severity, driven by the high confidentiality and integrity impacts.
A remote attacker requires no privileges and low attack complexity, but user interaction is needed: the user must initiate a connection that passes through the attacker's position. That position can be obtained on a compromised or untrusted network, or by luring the user (for example through phishing) into connecting through an attacker-controlled path. Since the certificate is otherwise validated, the attacker still needs one that chains to a CA the client trusts, typically a certificate legitimately issued for a domain the attacker controls; the flaw is that the mismatch between that certificate's name and the intended host is not detected. Successful exploitation lets the attacker read sensitive data in transit and alter the session, potentially leading to session hijacking, credential theft, or injection of malicious content.
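The following is an added illustration, not Devolutions code and not derived from the advisory, of the generic check that an "improper host validation" bug omits: a client that only verifies the certificate chain accepts any trusted certificate, while a correct client also requires the host it is contacting to be covered by the certificate's subjectAltName entries (RFC 6125-style DNS and IP matching). The certificate dictionaries are constructed in the shape returned by Python's `ssl.SSLSocket.getpeercert()`; the function names `accept_vulnerable` and `accept_hardened` are hypothetical.

```python
"""Hostname validation for a TLS client (added example, not project code).

The certificate data below is constructed, in the shape that
ssl.SSLSocket.getpeercert() returns, so the block runs offline.
"""
import ipaddress
import ssl

# Constructed sample: a certificate that chains to a trusted CA but was
# issued to other.example.com, i.e. "a certificate for a different host".
ATTACKER_PRESENTED_CERT = {
    "subject": ((("commonName", "other.example.com"),),),
    "issuer": ((("commonName", "Example Trusted CA"),),),
    "subjectAltName": (("DNS", "other.example.com"),
                       ("DNS", "*.cdn.example.com")),
}

# Constructed sample: a certificate issued for an IP address literal.
IP_CERT = {"subjectAltName": (("IP Address", "10.0.0.5"),)}


def _dns_name_matches(pattern, hostname):
    """dNSName matching: case-insensitive, a wildcard is only allowed as the
    whole leftmost label and matches exactly one non-empty label."""
    pattern = pattern.lower().rstrip(".")
    hostname = hostname.lower().rstrip(".")
    if "*" not in pattern:
        return pattern == hostname
    p_labels = pattern.split(".")
    h_labels = hostname.split(".")
    # Reject partial wildcards ("f*.example.com"), wildcards outside the
    # leftmost label, and patterns too short to be safe ("*.com").
    if p_labels[0] != "*" or len(p_labels) < 3 \
            or any("*" in lbl for lbl in p_labels[1:]):
        return False
    if len(h_labels) != len(p_labels) or "" in h_labels:
        return False
    return h_labels[1:] == p_labels[1:]


def _parse_ip(text):
    try:
        return ipaddress.ip_address(text)
    except ValueError:
        return None


def host_matches_cert(cert, hostname):
    """True only if hostname is covered by a subjectAltName entry. Like modern
    TLS stacks, a certificate with no SAN extension is rejected (no CN fallback)."""
    sans = cert.get("subjectAltName", ())
    if not sans:
        return False
    ip = _parse_ip(hostname)
    for kind, value in sans:
        if ip is not None:
            # An IP literal must match an iPAddress SAN, never a dNSName.
            if kind == "IP Address" and _parse_ip(value) == ip:
                return True
        elif kind == "DNS" and _dns_name_matches(value, hostname):
            return True
    return False


def accept_vulnerable(cert, hostname, chain_ok=True):
    """Vulnerable pattern: any certificate that chains to a trusted CA is
    accepted, regardless of which host it was issued for."""
    return chain_ok


def accept_hardened(cert, hostname, chain_ok=True):
    """Hardened pattern: chain validity AND host validation are both required."""
    return chain_ok and host_matches_cert(cert, hostname)


def hardened_client_context():
    """ssl.create_default_context() already enforces hostname checking; turning
    check_hostname off (with CERT_NONE) reproduces the vulnerable behaviour."""
    ctx = ssl.create_default_context()
    assert ctx.check_hostname and ctx.verify_mode == ssl.CERT_REQUIRED
    return ctx


if __name__ == "__main__":
    target = "gateway.example.com"
    print("vulnerable client accepts:", accept_vulnerable(ATTACKER_PRESENTED_CERT, target))
    print("hardened client accepts:", accept_hardened(ATTACKER_PRESENTED_CERT, target))
```

Run as a script, the block shows the same trusted-but-misissued certificate being accepted by the chain-only check and rejected once the host name is compared against the SAN list; when reviewing a client, the equivalent thing to look for is whether the TLS stack's hostname verification (`check_hostname` in Python, the default `SslStream` callback behaviour in .NET, and so on) has been disabled or replaced with an always-true callback.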
Mitigation details are outlined in the vendor advisory DEVO-2025-0001, available at https://devolutions.net/security/advisories/DEVO-2025-0001/. Security practitioners should consult it for patching instructions and any workarounds; since the affected range is 2024.3.19 and earlier, upgrading Windows installations to a later release is the expected fix. Until then, treat Remote Desktop Manager sessions from untrusted networks as exposed to interception.
Details
- CWE(s)