Primary

Context

Devolutions Remote Desktop Manager User Vaults Information Exposure Vulnerability

Vulnerability

Patched

A vulnerability in the user vaults component of Devolutions Remote Desktop Manager has been identified, allowing an authenticated user to access private personal information of others without authorization. This issue arises under certain conditions where entries may unintentionally shift from user vaults to shared vaults when edited, thereby becoming accessible to other users. The vulnerability affects Remote Desktop Manager Windows versions through 2025.1.34.0.

Impact

Exploitation of this vulnerability could lead to unauthorized access to private personal information stored in user vaults, potentially allowing for misuse of that information.

Remediation

Users are advised to upgrade to Devolutions Remote Desktop Manager Windows version 2025.1.37.0 or higher.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

2.4

impact

2.5

exploitability

4.7

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

2.4

impact

2.5

exploitability

4.7

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Devolutions Remote Desktop Manager User Vaults Information Exposure Vulnerability

Vulnerability

Impact

Remediation

Affected Products

Devolutions Remote Desktop Manager

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating