Security & Compliance
DEVO-2025-0009
Zusammenfassung
Remote Desktop Manager is affected by a vulnerability
Betroffene Produkte
Remote Desktop Manager 2025.1.34.0 and earlier
Änderungsprotokoll
29/05/2025 - Initial publication
Schweregrad
High
Produkt
Remote Desktop Manager Windows
Behobene Version
2025.1.37.0
Exposure of private personal information to an unauthorized actor in the user vaults component of Devolutions Remote Desktop Manager
Beschreibung
Exposure of private personal information to an unauthorized actor in the user vaults component of Devolutions Remote Desktop Managerallows an authenticated user to gain unauthorized access to private personal information.
Under specific circumstances, entries may be unintentionally moved from user vaults to shared vaults when edited by their owners, making them accessible to other users.
Behebungen und Workarounds
Upgrade to Remote Desktop Manager Windows 2025.1.37.0 or higher
Schweregrad
7.3 High - CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:P/VC:H/VI:N/VA:N/SC:H/SI:H/SA:H
Betroffene Produkte
This issue affects the following versions :
- Remote Desktop Manager Windows 2025.1.34.0 and earlier
CVE(s)
CVE-2025-5334