Platform: other
Component: just-in-time-jit-elevation-module
Fixed in: 2023.3.15
CVE-2024-1764 describes a privilege escalation vulnerability affecting the Just-in-time (JIT) elevation module in Devolutions Server. This flaw allows a user to retain elevated privileges even after they should have expired, potentially granting unauthorized access. The vulnerability impacts Devolutions Server versions 0 through 2023.3.14.0. A fix is available in version 2023.3.15.
The core impact of CVE-2024-1764 lies in the potential for unauthorized privilege persistence. An attacker who successfully leverages this vulnerability could bypass intended access controls and maintain elevated privileges longer than permitted. This could lead to data breaches, unauthorized modifications to system configurations, or other malicious activities. The scope of the impact depends on the privileges granted through the JIT elevation module and the sensitivity of the data and resources accessible with those privileges. Successful exploitation could allow an attacker to perform actions they would otherwise be restricted from, effectively circumventing the intended security measures of the JIT elevation process.
CVE-2024-1764 was publicly disclosed on March 5, 2024. The vulnerability's exploitation context is currently unclear, with no known public proof-of-concept (POC) available. Its inclusion in the CISA KEV catalog is pending. The ease of exploitation will depend on factors such as the configuration of Devolutions Server and the complexity of the JIT elevation process.
Exploit Status
EPSS: 0.09% (26th percentile)
The primary mitigation for CVE-2024-1764 is to upgrade Devolutions Server to version 2023.3.15 or later. This version includes a fix that addresses the improper privilege management issue. If an immediate upgrade is not feasible, consider temporarily restricting access to sensitive resources managed by the JIT elevation module. While a direct workaround is not available, closely monitor user activity and audit logs for any suspicious behavior that might indicate exploitation. After upgrading, confirm the fix by testing the JIT elevation process and verifying that privileges expire as expected.
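One way to do the monitoring and post-upgrade verification described above, as an added example that is not Devolutions' own tooling: it assumes a constructed record layout for JIT grants and privileged actions (not Devolutions Server's real audit log format) and flags any privileged action that no grant window covers, distinguishing "grant expired" from "never elevated".

```python
from datetime import datetime, timedelta, timezone

# Constructed JIT grant records (hypothetical layout, not a real Devolutions log):
# who was elevated, when, and when the elevation should have ended.
GRANTS = [
    {"user": "alice", "granted_at": "2024-03-04T09:00:00Z", "expires_at": "2024-03-04T10:00:00Z"},
    {"user": "bob",   "granted_at": "2024-03-04T11:00:00Z", "expires_at": "2024-03-04T11:30:00Z"},
]

# Constructed privileged-action events to audit against those grants.
EVENTS = [
    {"user": "alice", "at": "2024-03-04T09:30:00Z", "action": "vault.read"},
    {"user": "alice", "at": "2024-03-04T10:45:00Z", "action": "vault.read"},    # 45 min after expiry
    {"user": "bob",   "at": "2024-03-04T11:15:00Z", "action": "entry.modify"},  # inside grant window
    {"user": "carol", "at": "2024-03-04T12:00:00Z", "action": "entry.modify"},  # never elevated
]


def parse_ts(s):
    """Parse an ISO-8601 UTC timestamp of the form YYYY-MM-DDTHH:MM:SSZ."""
    return datetime.strptime(s, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)


def find_stale_privilege_use(grants, events, grace=timedelta(0)):
    """Return events where a privileged action happened outside every JIT grant window.

    `grace` widens each window's end to absorb clock skew between the server
    that issued the grant and the one that logged the action.
    Each finding carries a reason: "after_expiry" (the user had a grant, but it
    had ended) or "no_grant" (the user was never elevated at all).
    """
    windows = {}
    for g in grants:
        start, end = parse_ts(g["granted_at"]), parse_ts(g["expires_at"]) + grace
        windows.setdefault(g["user"], []).append((start, end))

    findings = []
    for e in events:
        t = parse_ts(e["at"])
        user_windows = windows.get(e["user"], [])
        if any(start <= t <= end for start, end in user_windows):
            continue  # action is covered by a live grant
        reason = "after_expiry" if user_windows else "no_grant"
        findings.append({**e, "reason": reason})
    return findings


if __name__ == "__main__":
    for f in find_stale_privilege_use(GRANTS, EVENTS):
        print(f"{f['at']} {f['user']} {f['action']}: {f['reason']}")
```

Run it against the pre-upgrade and post-upgrade logs: on a fixed server the "after_expiry" findings should disappear once grants lapse, while "no_grant" findings point at actions that bypassed JIT elevation entirely.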
Update Devolutions Server to a version later than 2023.3.14.0 to fix the privilege escalation vulnerability. See the Devolutions security advisory for more details and specific upgrade instructions.
CVE-2024-1764 is a vulnerability in Devolutions Server allowing users to retain elevated privileges beyond their expiration, potentially leading to unauthorized access. Severity is pending evaluation.
If you are using Devolutions Server versions 0–2023.3.14.0, you are potentially affected by this vulnerability. Upgrade to 2023.3.15 to mitigate the risk.
Upgrade Devolutions Server to version 2023.3.15 or later. This version contains the fix for the privilege escalation issue.
Currently, there are no confirmed reports of active exploitation of CVE-2024-1764, but it's crucial to apply the patch proactively.
Please refer to the official Devolutions security advisory for detailed information and updates regarding CVE-2024-1764: [https://devolutions.com/support/security/security-advisory-2024-0002](https://devolutions.com/support/security/security-advisory-2024-0002)