CVE-2025-2600

Improper authorization in the variable component in Devolutions Remote Desktop Manager on Windows allows an authenticated user to use the ELEVATED_PASSWORD variable even though not allowed by the "Allow password in variable policy". This issue affects Remote Desktop Manager versions from 2025.1.24 through 2025.1.25, and all versions up to 2024.3.29.

CVSS v3 6.8 MEDIUM

6.8^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 2.1 / Impact : 4.7

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction REQUIRED

Confidentiality Impact HIGH

Integrity Impact LOW

Availability Impact LOW

Scope UNCHANGED

References

Link	Resource
https://devolutions.net/security/advisories/DEVO-2025-0005/	Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:devolutions:remote_desktop_manager:::::free:windows::
	cpe:2.3:a:devolutions:remote_desktop_manager:::::team:windows::
	cpe:2.3:a:devolutions:remote_desktop_manager:::::free:windows::
	cpe:2.3:a:devolutions:remote_desktop_manager:::::team:windows::

History

No history.

Information

Published : 2025-03-26 18:15

Updated : 2025-08-26 18:15

NVD link : CVE-2025-2600

Mitre link : CVE-2025-2600

CVE.ORG link : CVE-2025-2600

JSON object : View

Products Affected

devolutions

remote_desktop_manager

CWE

CWE-285

Improper Authorization

{"id": "CVE-2025-2600", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.8, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:L", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 4.7, "exploitabilityScore": 2.1}]}, "published": "2025-03-26T18:15:26.437", "references": [{"url": "https://devolutions.net/security/advisories/DEVO-2025-0005/", "tags": ["Vendor Advisory"], "source": "[email protected]"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Secondary", "source": "[email protected]", "description": [{"lang": "en", "value": "CWE-285"}]}], "descriptions": [{"lang": "en", "value": "Improper authorization in the variable component in Devolutions Remote Desktop Manager on Windows allows an authenticated user to use the ELEVATED_PASSWORD variable even though not allowed by the \"Allow password in variable policy\". \n\n\n\n\n\nThis issue affects Remote Desktop Manager versions from 2025.1.24 through 2025.1.25, and all versions up to 2024.3.29."}, {"lang": "es", "value": "Una autorizaci\u00f3n incorrecta en el componente variable de Devolutions Remote Desktop Manager en Windows permite que una contrase\u00f1a autenticada use la variable ELEVATED_PASSWORD, aunque la pol\u00edtica \"Permitir contrase\u00f1a en variable\" no lo permita. Este problema afecta a las versiones de Remote Desktop Manager desde la 2025.1.24 hasta la 2025.1.25, y a todas las versiones hasta la 2024.3.29."}], "lastModified": "2025-08-26T18:15:47.157", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:devolutions:remote_desktop_manager:*:*:*:*:free:windows:*:*", "vulnerable": true, "matchCriteriaId": "0C146019-3232-4413-BB31-AC876E37BFE5", "versionEndExcluding": "2024.3.31.0"}, {"criteria": "cpe:2.3:a:devolutions:remote_desktop_manager:*:*:*:*:team:windows:*:*", "vulnerable": true, "matchCriteriaId": "183673B7-2357-4FA7-98E7-32F986B65BC3", "versionEndExcluding": "2024.3.31.0"}, {"criteria": "cpe:2.3:a:devolutions:remote_desktop_manager:*:*:*:*:free:windows:*:*", "vulnerable": true, "matchCriteriaId": "3A6A560B-95F7-419D-8B56-7327BC2164B1", "versionEndExcluding": "2025.1.26.0", "versionStartIncluding": "2025.1.24.0"}, {"criteria": "cpe:2.3:a:devolutions:remote_desktop_manager:*:*:*:*:team:windows:*:*", "vulnerable": true, "matchCriteriaId": "367DF58A-9A33-46BD-AB77-74B7B8A4E48E", "versionEndExcluding": "2025.1.26.0", "versionStartIncluding": "2025.1.24.0"}], "operator": "OR"}]}], "sourceIdentifier": "[email protected]"}