Download center

MAIN MENU

Solutions

Packages

Remote desktop
management & IT operations

Boost productivity, decrease costs, and increase security with a centralized platform where you can manage a wide range of remote connections and tools.

Workforce password management

Improve your security strategy without reducing productivity by using a password management solution.

Privileged access
management

Diminish the risk of insider threats and cyberattacks while providing audit and compliance requirements for your team.

Remote access
management

Establish a secure entry point for internal or external segmented networks that require authorized just-in-time (JIT) access.

IT automation with PowerShell Universal

Streamline routine IT tasks and boost productivity with integrated scripting, orchestration, and reporting.

blue box

The whole power of Devolutions half price for teams of 5

Proof of concept: 100+ users?

Quick overview

Your trusted partner in security and compliance.

Integration center

Unified solutions: seamless integrations with Devolutions

Compare our solution packages Visit store & get a quote

Products

Products

Devolutions
Remote Desktop Manager

The best remote connection manager in the industry

Devolutions Password Manager

All-in-one application to securely access, manage, and use your credentials.

UniGetUI Open source

Discover, install, and update all your Windows packages

Devolutions PowerShell Universal

Automate remote management with dashboards and APIs

Privileged access

Devolutions PAM

Secure, rotate, and audit every privileged account across your infrastructure

Companion tools

Devolutions Gateway Secure remote access — no VPN required

Devolutions Launcher Remote connection launching tool

Devolutions Agent System service to control privileged operations

Online service

Devolutions Send Sharing secrets made quick, secure, and simple

Resources

Resources

Your FREE go-to hub for mastering Devolutions' suite of products and services.

The Devolutions Forum is the place to go to connect with your peers and the Devolutions team.

Get answers to product specifications, settings and more on our documentation.

Stay up to date with our weekly articles on our blog, the toolbox for your IT success.

Success stories

Reports & White papers

Devolutions Force

Learn a quick tip in 5 minutes! Browse feature requests

Company

About

Timeline

Lifestyle

Media

Devolutions logo

Wallpapers

Careers

Welcome

Available positions

Spontaneous applications

Newsroom

Webinars

Security & compliance

Security

Legal & privacy

Report a security issue

Contact

Send message

Call me

Call me

Technical support Sales Contact information

Security & compliance

Upholding the highest standards to protect your data and ensure trust.

Advisories Reporting a Security issue Trust Center

Back to listing

DEVO-2025-0012

Devolutions Server is affected by multiple vulnerabilities.

Affected Products

Devolutions Server

2025.2.4 and earlier

Change Log

22/7/2025 - Initial publication

Improper access control in secure message component in Devolutions Server

7.1 High - CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

Improper access control in secure message component in Devolutions Server allows an authenticated user to steal unauthorized entries via the secure message entry attachment feature.

CVE(s)

CVE-2025-6741

Remediation and Workarounds

Upgrade to Devolutions Server 2025.2.5.0 or higher

Credits

Gino Boudreau (mononclemich)

Use of weak credentials in emergency authentication component in Devolutions Server

9.5 Critical - CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:L/SC:H/SI:H/SA:H

Use of weak credentials in emergency authentication component in Devolutions Server allows an unauthenticated attacker to bypass authentication via brute forcing the short emergency codes generated by the server within a feasible timeframe.

CVE(s)

CVE-2025-6523

Remediation and Workarounds

Upgrade to Devolutions Server 2025.2.4.0 or higher

Credits

Gino Boudreau (mononclemich)