CVE-2025-1193HIGH 8.1EPSS p27.6%

CVE-2025-1193CVE-2025-1193

Description

Improper host validation in the certificate validation component in Devolutions Remote Desktop Manager on 2024.3.19 and earlier on Windows allows an attacker to intercept and modify encrypted communications via a man-in-the-middle attack by presenting a certificate for a different host.

Scoring

CVSS 3.18.1 (HIGH)
VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
EPSS0.36% probability of exploitation · percentile 27.6% · 2026-06-19T12:03:05Z
Published2025-02-10
Last modified2025-03-28

Underlying weaknesses· 1

CWE-295

References

  1. https://devolutions.net/security/advisories/DEVO-2025-0001/

1

TypeTargetConfidenceTier
WeaknessImproper Certificate Validationcwe-2950%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2025-11619
CVE
CVE-2026-4396
CVE
CVE-2026-4434
CVE
CVE-2025-50171
CVE
CVE-2026-2590
CVE
CVE-2025-21297
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.