CVE-2025-5334

Name of the Vulnerable Software and Affected Versions Devolutions Remote Desktop Manager versions 2025.1.34.0 and earlier

Description The issue allows an authenticated user to gain unauthorized access to private personal information in the user vaults component. Under specific circumstances, entries may be unintentionally moved from user vaults to shared vaults when edited by their owners, making them accessible to other users.

Recommendations For Devolutions Remote Desktop Manager versions 2025.1.34.0 and earlier, update to a version that contains a fix for this issue to prevent unauthorized access to private personal information. As a temporary workaround, consider restricting access to the user vaults component to minimize the risk of exploitation. Avoid editing entries in user vaults until the issue is resolved to prevent unintentional movement of entries to shared vaults.