Remote Desktop Manager Security Vulnerabilities and Issues — Remote Desktop Manager CVE List

Lucene search

DevolutionsRemote Desktop Manager

9 matches found

CVE•added 2025/02/10 2:15 p.m.•72 views

CVE-2025-1193

Improper host validation in the certificate validation component in Devolutions Remote Desktop Manager on 2024.3.19 and earlier on Windows allows an attacker to intercept and modify encrypted communications via a man-in-the-middle attackby presenting a certificate for a different host.

8.1CVSS8AI score0.00025EPSS

CVE•added 2025/05/29 3:15 p.m.•51 views

CVE-2025-5334

Exposure of private personal information to an unauthorized actor in the user vaults component of Devolutions Remote Desktop Managerallows an authenticated user to gain unauthorized access to private personal information. Under specific circumstances, entries may be unintentionally moved from user ...

7.5CVSS7.1AI score0.00058EPSS

CVE•added 2025/03/13 1:15 p.m.•49 views

CVE-2025-1636

Exposure of sensitive information in My Personal Credentials password history component in Devolutions Remote Desktop Manager 2024.3.29 and earlier on Windows allows an authenticated user to inadvertently leak the My Personal Credentials in a shared vault via the clear history feature due to faulty...

6.5CVSS6.3AI score0.00057EPSS

CVE•added 2025/03/26 6:15 p.m.•49 views

CVE-2025-2499

Client side access control bypass in the permission component inDevolutions Remote Desktop Manager on Windows. An authenticated user can exploit this flaw to bypass certain permission restrictions—specifically View Password, Edit Asset, and Edit Permissions by performing specific actions. This issu...

5.4CVSS7AI score0.00032EPSS

CVE•added 2025/03/26 6:15 p.m.•49 views

CVE-2025-2600

Improper authorization in the variable component in Devolutions Remote Desktop Manager on Windows allows an authenticated password to use the ELEVATED_PASSWORD variable even though not allowed by the "Allow password in variable policy". This issue affects Remote Desktop Manager versions from 2025.1...

6.8CVSS7.2AI score0.0005EPSS

CVE•added 2025/03/26 6:15 p.m.•47 views

CVE-2025-2528

Improper authorization in application password policy in Devolutions Remote Desktop Manager on Windows allows an authenticated user touse a configuration different from the one mandated by the system administrators. This issue affects Remote Desktop Manager versions from 2025.1.24 through 2025.1.25...

3.6CVSS7.2AI score0.00016EPSS

CVE•added 2025/03/13 1:15 p.m.•45 views

CVE-2025-1635

Exposure of sensitive information in hub data source export feature in Devolutions Remote Desktop Manager 2024.3.29 and earlier on Windows allows a user exporting a hub data source to include his authenticated session in the export due to faulty business logic.

6.5CVSS6.1AI score0.00057EPSS

CVE•added 2025/03/26 6:15 p.m.•45 views

CVE-2025-2562

Insufficient logging in the autotyping feature in Devolutions Remote Desktop Manager on Windows allows an authenticated user to use a stored password without generating a corresponding log event, via the use of the autotyping functionality. This issue affects Remote Desktop Manager versions from 20...

5.4CVSS7AI score0.00056EPSS

CVE•added 2025/02/10 2:15 p.m.•41 views

CVE-2024-11621

Missing certificate validation in Devolutions Remote Desktop Manager on macOS, iOS, Android, Linux allows an attacker to intercept and modify encrypted communications via a man-in-the-middle attack. Versions affected are :Remote Desktop Manager macOS 2024.3.9.0 and earlierRemote Desktop Manager Lin...

8.8CVSS8AI score0.00033EPSS