MEDIUM🇬🇧 English

CVE-2025-2562

CVSS 5.4v3.1pub. 2025-03-26upd. 2025-07-02

Insufficient logging in the autotyping feature in Devolutions Remote Desktop Manager on Windows allows an authenticated user to use a stored password without generating a corresponding log event, via the use of the autotyping functionality. This issue affects Remote Desktop Manager versions from 2025.1.24 through 2025.1.25, and all versions up to 2024.3.29.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
  • Devolutions Remote Desktop Manager

    APP
    Devolutions
    < 2024.3.31.02025.1.24.0 – 2025.1.26.0 (bez)
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Referencje

Powiązane podatności

CVE-2026-2590CRITICAL9.8PL ✓ten sam produkt

Błędne egzekwowanie zakazu zapisywania haseł w Devolutions Remote Desktop Manager

CVE-2024-6057CRITICAL9.8PL ✓ten sam produkt

Pominięcie hasła master vault w Devolutions Remote Desktop Manager

CVE-2023-6593CRITICAL9.8PL ✓ten sam produkt

Pomijanie uprawnień po stronie klienta w Devolutions Remote Desktop Manager na iOS

CVE-2023-5765CRITICAL9.8ten sam produkt

Improper access control in the password analyzer feature in Devolutions Remote Desktop Manager 2023.2.33 and e...

CVE-2023-5766CRITICAL9.8ten sam produkt

A remote code execution vulnerability in Remote Desktop Manager 2023.2.33 and earlier on Windows allows an a...

CVE-2025-2562 — MEDIUM 5.4 | CVEbaza.pl