REALVNC
9.6.2022 15:02:03 CEST | Business Wire | Press release
VNC Connect by RealVNC, the remote access service used by hundreds of millions of people worldwide, was audited by Cure53 , the Berlin, Germany-based IT security consultancy who have also audited other industry leading software such as Mozilla VPN, 1Password and Bitwarden. The comprehensive audit, which took 86 person days and included VNC Server and VNC Viewer on Linux, Windows and Mac, VNC Viewer for iOS and Android, the VNC Connect management portal and backend services, found 38 security-relevant discoveries, none of which were critical and only three were deemed high severity, and these were fixed immediately. The report states, in conclusion, that RealVNC places a strong focus on the security posture of all its components.
“As the technologists responsible for bringing remote access to the mass market, we are today setting new standards and expectations for security in the face of the challenges of the modern IT environment. IT buyers of remote access technologies should expect no less than independent and comprehensive third-party validation of vendor claims. This is especially true for remote access software where the stakes are high, and a mistake could be reputationally damaging or even existential. With Cure53’s report, buyers can be confident that choosing RealVNC as their remote access vendor will never be a regret,” said Adam Greenwood-Byrne, CEO of RealVNC.
A white box security audit is significantly more in-depth than the more common black box penetration test (which RealVNC also commissions by an external organization annually), as the auditors have access to all of the source code, binaries and API/protocol documentation. Of the 38 vulnerabilities found across the range of software and services tested, 32 have been properly addressed — with the fixes confirmed by Cure53 — while the other six were flagged as either false-alerts or works-as-intended and evaluated to be of lower risk.
“At RealVNC, we operate from the standpoint that no company should ever take a vendor’s word for it when they claim their software is secure, which is why we chose to complete a white box audit with a highly regarded security consultancy to prove it,” said Andrew Woodhouse, CIO of RealVNC.
The Cure53 team is highly motivated to find issues when completing white box penetration tests. The fact that no critical threats were found reinforces RealVNC’s focus on ensuring its customers remain safe from threats when using VNC Connect.
“Cure53 is happy to state that test preparation, test execution and also the fix verification, which is one of the most important parts of such an audit, went smoothly and professionally. It is clear that RealVNC has demonstrated a genuine interest in ensuring VNC Connect's security and is prepared and committed to maintaining the high standards we have observed,” said Dr.-Ing. Mario Heiderich, Founder of Cure53.
Headquartered in Cambridge, RealVNC's products for desktop, mobile and embedded platforms make it easy for users to access and operate devices remotely while enabling remote users to work with technicians to resolve problems easily.
“We’re not shying away from any of the issues the report found. We actively fixed issues as they came up and, as security is an ever changing landscape, we’ll continue to ensure the security of VNC Connect in future iterations of the service,” said Ben May, Head of Cyber Security at RealVNC.
To review Cure53's summary of the audit, click here , and to learn more about why RealVNC chose to conduct a Cure53 audit, click here .
ABOUT REALVNC
RealVNC’s secure remote access and management software is used by hundreds of millions of people worldwide. Their software helps organizations cut costs and improve the quality of supporting remote devices and applications, as well as enabling remote working. RealVNC is the original, UK-based, inventor of VNC remote access software and they support an unrivaled mix of desktop, mobile and embedded platforms.
ABOUT CURE53
Cure53 offers classic black-box penetration tests (zero-knowledge) as well as white-box tests and code audits. Web application and mobile app developers speak many languages and so do we. From classic languages such as PHP, JavaScript, ActionScript, Java, Ruby, Python and Perl to more exotic candidates like web back-ends written in C++ and Delphi – we've seen them.
Since Cure53 was founded in 2007, we have performed hundreds of penetration tests against all kinds of web applications, online services, hardware interfaces, mobile applications, libraries and crypto tools. We value manual and thorough tests, human interaction and communication and a short yet-to-the-point penetration test report without overhead or pie charts no one wants to see.
View source version on businesswire.com: https://www.businesswire.com/news/home/20220609005211/en/
Link:
About Business Wire
Subscribe to releases from Business Wire
Subscribe to all the latest releases from Business Wire by registering your e-mail address below. You can unsubscribe at any time.
Latest releases from Business Wire
Sinopec Receives CSR Award at Sino-European ESG Conference in Germany1.7.2026 15:38:00 CEST | Press release
China Petroleum & Chemical Corp. (Sinopec) has received the Corporate Social Responsibility Best Practice Award at the 3rd Sino-European Corporate ESG Best Practice Conference in Mainz, Germany, for its case study on carbon footprint management and low-carbon development. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20260701696760/en/ Huang Yiyang (L), Chinese Consul General in Frankfurt, presents the award to a representative of Sinopec. The conference jury said Sinopec has developed a carbon management framework centered on product carbon footprint management, covering the full product life cycle while aligning with both Chinese and European standards. It cited the company’s work with German chemical producer BASF to achieve mutual recognition of carbon footprint accounting methodologies as a milestone that could support greener cooperation across international industrial supply chains. According to the jury, Sinopec’s eff
Vercel and Mercedes-AMG PETRONAS Formula One Team Announce Multi-Year Strategic Partnership1.7.2026 15:30:00 CEST | Press release
The agentic infrastructure platform known for speed is joining forces with one of the world's fastest Formula One teams Today Vercel, the agentic infrastructure company, announced a new multi-year deal with the Mercedes-AMG PETRONAS Formula One Team. Starting with the British Grand Prix July 2 – 5 2026, Vercel branding will appear on the Mercedes-AMG PETRONAS Formula One Team race cars as the partnership begins its first chapter, before expanding significantly across the team ecosystem from 2027 onward. The partnership includes global branding rights, premium hospitality experiences, customer engagement, content creation, and technical collaborations, including plans to evolve the team’s digital platforms to Vercel. “Formula One is where every millisecond matters, every decision counts, and continuous innovation is fundamental to success. Vercel shares that same philosophy,” said Richard Sanders, Chief Commercial Officer, Mercedes-AMG PETRONAS Formula One Team. “The Vercel platform is
OXMIQ Raises $35 Million to Scale OxCore™ Architecture1.7.2026 15:15:00 CEST | Press release
OXMIQ Labs Inc., a unified GPU and AI architecture company founded by Raja Koduri, today closed its $35 million Series A financing, bringing the company’s total capital raised to $60 million. The funding will scale OxCore™, OXMIQ’s licensable GPU architecture that allows semiconductor companies and AI system builders to build custom AI silicon without a full chip program. The round was co-led by Fundomo and Samsung Catalyst Fund, with participation from MediaTek, AM Intelligence Labs, Pegatron Venture Capital, CDIB-TEN, Darwin Ventures, and Morgan Creek Digital, among other financial and strategic investors. OXMIQ’s expertise spans the full AI stack, from renewable power and data center infrastructure to silicon IP, electron-to-token machines (ETMs™), along with the software that runs AI factories and agents. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20260701241910/en/ OXMIQ Funding raised to date of $60M after current $3
SamanTree Medical’s Histolog® Scanner Technology Featured in 13 Publications in Special BJU International Issue on Confocal Microscopy in Urology1.7.2026 15:01:00 CEST | Press release
Papers highlight clinical research on use of confocal microscopy for real-time tissue assessment in various urologic procedures SamanTree Medical, a global leader in surgical imaging innovation, today announced that Histolog Scanner confocal microscopy technology has been featured in 13 peer-reviewed clinical papers in a special issue of BJU International, one of the world’s leading journals in urology. The special edition focuses on a growing body of evidence of the role of confocal microscopy in urologic surgery. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20260701425845/en/ SamanTree Medical announces that Histolog® Scanner confocal microscopy technology is featured in 13 peer-reviewed clinical papers in a special issue of BJU International. “The special issue represents increasing momentum behind confocal microscopy in urologic surgery,” said Professor Greg Shaw, consultant urologic surgeon at University College London
Regnology to Acquire Fed Reporter, Accelerating U.S. Leadership and Advancing Regulatory Modernization1.7.2026 15:00:00 CEST | Press release
Deal establishes Regnology as a central partner in U.S. regulatory modernization, extending reach to over 4,000 financial institutions Regnology, a leading provider at the intersection of regulatory, risk, and supervisory technology, today announced it has entered into a definitive agreement to acquire Fed Reporter, the market-leading U.S. provider of regulatory reporting solutions for financial institutions of all sizes, including banks, credit unions, and bank holding companies. The acquisition marks a pivotal milestone in Regnology’s U.S. expansion, creating the most comprehensive regulatory reporting coverage across the American financial landscape and extending its reach to more than 4,000 institutions from global banks to community lenders. By combining a proven, cloud-first, agentic-first technology foundation with deeply embedded local expertise, Regnology is uniquely positioned to support more efficient, transparent, and data-driven reporting, while strengthening alignment bet
In our pressroom you can read all our latest releases, find our press contacts, images, documents and other relevant information about us.
Visit our pressroom
