Sécurité et conformité

DEVO-2025-0009

Résumé

Remote Desktop Manager is affected by a vulnerability

Produits affectés

Remote Desktop Manager 2025.1.34.0 and earlier

Journal des modifications

29/05/2025 - Initial publication

Sévérité

High

Produit

Remote Desktop Manager Windows

Version corrigée

2025.1.37.0

Exposure of private personal information to an unauthorized actor in the user vaults component of Devolutions Remote Desktop Manager

Description

Exposure of private personal information to an unauthorized actor in the user vaults component of Devolutions Remote Desktop Managerallows an authenticated user to gain unauthorized access to private personal information.

Under specific circumstances, entries may be unintentionally moved from user vaults to shared vaults when edited by their owners, making them accessible to other users.

Mesures correctives et solutions de contournement

Upgrade to Remote Desktop Manager Windows 2025.1.37.0 or higher

Sévérité

7.3 High - CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:P/VC:H/VI:N/VA:N/SC:H/SI:H/SA:H

Produits affectés

This issue affects the following versions :

  • Remote Desktop Manager Windows 2025.1.34.0 and earlier
CVE(s)

CVE-2025-5334

Devolutions aide les organisations à contrôler le chaos relié aux TI en offrant des solutions sécurisées de gestion d’accès privilégiés, de connexions à distance et de mots de passe.

DEVOLUTIONS

Légal & vie privée | infos@devolutions.net

Tous droits réservés © 2025 Devolutions