Sécurité et conformité

Avis Signaler un problème de sécurité Centre de confiance

DEVO-2025-0009

Résumé

Remote Desktop Manager is affected by a vulnerability

Produits affectés

Remote Desktop Manager 2025.1.34.0 and earlier

Journal des modifications

29/05/2025 - Initial publication

Sévérité

High

Produit

Remote Desktop Manager Windows

Version corrigée

2025.1.37.0

Exposure of private personal information to an unauthorized actor in the user vaults component of Devolutions Remote Desktop Manager

Description

Exposure of private personal information to an unauthorized actor in the user vaults component of Devolutions Remote Desktop Managerallows an authenticated user to gain unauthorized access to private personal information.

Under specific circumstances, entries may be unintentionally moved from user vaults to shared vaults when edited by their owners, making them accessible to other users.

Mesures correctives et solutions de contournement

Upgrade to Remote Desktop Manager Windows 2025.1.37.0 or higher

Sévérité

7.3 High - CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:P/VC:H/VI:N/VA:N/SC:H/SI:H/SA:H

Produits affectés

This issue affects the following versions :

Remote Desktop Manager Windows 2025.1.34.0 and earlier

CVE(s)

CVE-2025-5334