CVE-2025-2528

low

Description

Improper authorization in application password policy in Devolutions Remote Desktop Manager on Windows allows an authenticated user to use a configuration different from the one mandated by the system administrators. This issue affects Remote Desktop Manager versions from 2025.1.24 through 2025.1.25, and all versions up to 2024.3.29.

References

https://devolutions.net/security/advisories/DEVO-2025-0005/

Details

Source: Mitre, NVD

Published: 2025-03-26

Updated: 2025-03-27

Risk Information

CVSS v2

Base Score: 5.5

Vector: CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:N

Severity: Medium

CVSS v3

Base Score: 3.6

Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N

Severity: Low

Detections

Analytics