Insufficient logging in the autotyping feature in Devolutions Remote Desktop Manager on Windows allows an authenticated user to use a stored password without generating a corresponding log event, via the use of the autotyping functionality. This issue affects Remote Desktop Manager versions from 2025.1.24 through 2025.1.25, and all versions up to 2024.3.29.
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:NDevolutions Remote Desktop Manager
APPDevolutions< 2024.3.31.02025.1.24.0 – 2025.1.26.0 (bez)
Related vulnerabilities
Błędne egzekwowanie zakazu zapisywania haseł w Devolutions Remote Desktop Manager
Pominięcie hasła master vault w Devolutions Remote Desktop Manager
Pomijanie uprawnień po stronie klienta w Devolutions Remote Desktop Manager na iOS
Improper access control in the password analyzer feature in Devolutions Remote Desktop Manager 2023.2.33 and e...
A remote code execution vulnerability in Remote Desktop Manager 2023.2.33 and earlier on Windows allows an a...