cbcvebase.
CVE-2025-1636
published 2025-03-13

CVE-2025-1636: Exposure of sensitive information in My Personal Credentials password history component in Devolutions Remote Desktop Manager 2024.3.29 and earlier on Windows…

PriorityP338medium6.5CVSS 3.1
AVNACLPRLUINSUCHINAN
EPSS
1.58%
72.5th percentile
Exposure of sensitive information in My Personal Credentials password history component in Devolutions Remote Desktop Manager 2024.3.29 and earlier on Windows allows an authenticated user to inadvertently leak the My Personal Credentials in a shared vault via the clear history feature due to faulty business logic.

Affected

2 ranges
VendorProductVersion rangeFixed in
devolutionsremote_desktop_manager< 2024.3.31.02024.3.31.0
devolutionsremote_desktop_manager<= 2024.3.29.0
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.