CVE-2024-7421

CVE-2024-7421

Vendor Devolutions
Product Remote Desktop Manager
Weakness CWE-532 · Sensitive info in logs
Published September 25, 2024
Last update March 17, 2025

CVSS base score

What the vulnerability does

01Description

An information exposure in Devolutions Remote Desktop Manager 2024.2.20.0 and earlier on Windows allows local attackers with access to system logs to obtain session credentials via passwords included in command-line arguments when launching WinSCP sessions

Key dates

02Disclosure timeline

September 25, 2024 CVE published
March 17, 2025 Record updated