MEDIUM🇵🇱 Wersja polska

CVE-2025-2562

CVSS 5.4v3.1pub. 2025-03-26upd. 2025-07-02

Insufficient logging in the autotyping feature in Devolutions Remote Desktop Manager on Windows allows an authenticated user to use a stored password without generating a corresponding log event, via the use of the autotyping functionality. This issue affects Remote Desktop Manager versions from 2025.1.24 through 2025.1.25, and all versions up to 2024.3.29.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
  • Devolutions Remote Desktop Manager

    APP
    Devolutions
    < 2024.3.31.02025.1.24.0 – 2025.1.26.0 (bez)
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2026-2590CRITICAL9.8PL ✓ten sam produkt

Błędne egzekwowanie zakazu zapisywania haseł w Devolutions Remote Desktop Manager

CVE-2024-6057CRITICAL9.8PL ✓ten sam produkt

Pominięcie hasła master vault w Devolutions Remote Desktop Manager

CVE-2023-6593CRITICAL9.8PL ✓ten sam produkt

Pomijanie uprawnień po stronie klienta w Devolutions Remote Desktop Manager na iOS

CVE-2023-5765CRITICAL9.8ten sam produkt

Improper access control in the password analyzer feature in Devolutions Remote Desktop Manager 2023.2.33 and e...

CVE-2023-5766CRITICAL9.8ten sam produkt

A remote code execution vulnerability in Remote Desktop Manager 2023.2.33 and earlier on Windows allows an a...