Primary

Context

Devolutions Remote Desktop Manager Improper Authorization Vulnerability in Password Policy

Vulnerability

Patched

A vulnerability exists in Devolutions Remote Desktop Manager for Windows, specifically in the password policy application. It allows authenticated users to deviate from configurations set by system administrators. This issue is present in Remote Desktop Manager versions 2025.1.24 to 2025.1.25, as well as all versions up to 2024.3.29.

Impact

Exploitation of this vulnerability could lead to unauthorized changes in password management configurations, potentially allowing users to access or manage passwords in ways not intended by administrators.

Remediation

Users can upgrade to Devolutions Remote Desktop Manager version 2024.3.31 or 2025.1.26 or later to address this vulnerability.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

2.4

impact

5.0

exploitability

2.9

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

2.4

impact

5.0

exploitability

2.9

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Devolutions Remote Desktop Manager Improper Authorization Vulnerability in Password Policy

Vulnerability

Impact

Remediation

Affected Products

Devolutions Remote Desktop Manager

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating