Security & Compliance

DEVO-2025-0009

Zusammenfassung

Remote Desktop Manager is affected by a vulnerability

Betroffene Produkte

Remote Desktop Manager 2025.1.34.0 and earlier

Änderungsprotokoll

29/05/2025 - Initial publication

Schweregrad

High

Produkt

Remote Desktop Manager Windows

Behobene Version

2025.1.37.0

Exposure of private personal information to an unauthorized actor in the user vaults component of Devolutions Remote Desktop Manager

Beschreibung

Exposure of private personal information to an unauthorized actor in the user vaults component of Devolutions Remote Desktop Managerallows an authenticated user to gain unauthorized access to private personal information.

Under specific circumstances, entries may be unintentionally moved from user vaults to shared vaults when edited by their owners, making them accessible to other users.

Behebungen und Workarounds

Upgrade to Remote Desktop Manager Windows 2025.1.37.0 or higher

Schweregrad

7.3 High - CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:P/VC:H/VI:N/VA:N/SC:H/SI:H/SA:H

Betroffene Produkte

This issue affects the following versions :

  • Remote Desktop Manager Windows 2025.1.34.0 and earlier
CVE(s)

CVE-2025-5334

Wir helfen Unternehmen dabei, das IT-Chaos zu meistern, indem wir Lösungen für Passwortverwaltung, Remoteverbindungen und privilegierte Zugriffsverwaltung bereitstellen.

DEVOLUTIONS

Sicherheit & Datenschutz | infos@devolutions.net

Alle Rechte vorbehalten © 2025 Devolutions