Primary

Context

Devolutions Server and Remote Desktop Manager Credential Exposure Vulnerability

Vulnerability

Patched

A vulnerability exists in Devolutions Server and Remote Desktop Manager on Windows, allowing for the unintended exposure of credentials in certain requests. This issue affects Devolutions Server versions prior to 2025.3.8.0 and Remote Desktop Manager versions prior to 2025.3.23.0.

Impact

Exploitation of this vulnerability could lead to unauthorized access to exposed credentials, potentially allowing for misuse of associated accounts or services.

Remediation

Users can upgrade to Devolutions Server version 2025.3.10.0 or higher and Remote Desktop Manager version 2025.3.25.0 or higher.

Added: Nov 28, 2025, 5:18 PM

Updated: Nov 28, 2025, 7:17 PM

Vulnerability Rating

Custom Algorithm

spread

5.4

impact

2.5

exploitability

3.3

remediation

7.7

relevance

1.3

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

5.4

impact

2.5

exploitability

3.3

remediation

7.7

relevance

1.3

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Devolutions Server and Remote Desktop Manager Credential Exposure Vulnerability

Vulnerability

Impact

Remediation

Affected Products

Devolutions Server

Devolutions Remote Desktop Manager

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating