We do not use RichTextBox, so there is no risk for CONNECTION client/Licensing using the library since we do not use the part that has a problem.

"If a project is not using the RichTextBox, the application is unaffected by this issue."

Here is the official Telerik documentation:

https://docs.telerik.com/devtools/wpf/knowledge-base/kb-security-unsafe-deserialization-cve-2024-10012

CONNECTION client does not allow the following Telerik components:

• CVE-2024-10095: UI for WPF's PersistenceFramework
• CVE-2024-7575: PdfViewer or Spreadsheet
• CVE-2024-8316: RadDiagram

The future release of the CONNECTION client/License service will remove the reference to Telerik

CONNECTION Client Release Notes