Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2025-2562

Insufficient logging in the autotyping feature in Devolutions Remote Desktop Manager on Windows allows an authenticated user to use a stored password without generating a corresponding log event, via the use of the autotyping functionality. This issue affects Remote Desktop Manager versions from 2025.1.24 through 2025.1.25, and all versions up to 2024.3.29.

Published

2025-03-26T18:15:26.247

Last Modified

2025-07-02T17:32:38.117

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 5.4 (MEDIUM)

Weaknesses

Type: Secondary
CWE-778

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	devolutions	remote_desktop_manager	< 2024.3.31.0	Yes
Application	devolutions	remote_desktop_manager	< 2024.3.31.0	Yes
Application	devolutions	remote_desktop_manager	< 2025.1.26.0	Yes
Application	devolutions	remote_desktop_manager	< 2025.1.26.0	Yes

References

https://devolutions.net/security/advisories/DEVO-2025-0005/ Vendor Advisory ([email protected])