CVE-2025-1636

CVE-2025-1636

Vendor Devolutions

Product Remote Desktop Manager

Weakness CWE-200 · Info exposure

Published March 13, 2025

Last update March 18, 2025

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

01Description

Exposure of sensitive information in My Personal Credentials password history component in Devolutions Remote Desktop Manager 2024.3.29 and earlier on Windows allows an authenticated user to inadvertently leak the My Personal Credentials in a shared vault via the clear history feature due to faulty business logic.

Key dates

02Disclosure timeline

March 13, 2025 CVE published

March 18, 2025 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2025-1636 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/200.html

Related vulnerabilities

01Description

02Disclosure timeline

03References

04Related CVE