CVE-2025-5334 Overview
CVE-2025-5334 is a high-severity information exposure vulnerability affecting Devolutions Remote Desktop Manager across multiple platforms. The vulnerability exists in the user vaults component and allows an authenticated user to gain unauthorized access to private personal information stored by other users.
Under specific circumstances, entries may be unintentionally moved from user vaults to shared vaults when edited by their owners. This behavior inadvertently makes private entries accessible to other authenticated users within the organization, violating data confidentiality boundaries.
Critical Impact
Private personal information stored in user vaults can become exposed to unauthorized users when vault entries are edited, potentially compromising sensitive credentials, connection details, and other confidential data.
Affected Products
- Remote Desktop Manager Windows 2025.1.34.0 and earlier (Free and Team editions)
- Remote Desktop Manager macOS 2025.1.16.3 and earlier
- Remote Desktop Manager Android 2025.1.3.3 and earlier
- Remote Desktop Manager iOS 2025.1.6.0 and earlier
Discovery Timeline
- 2025-05-29 - CVE-2025-5334 published to NVD
- 2025-07-02 - Last updated in NVD database
Technical Details for CVE-2025-5334
Vulnerability Analysis
This vulnerability is classified under CWE-359 (Exposure of Private Personal Information to an Unauthorized Actor) and CWE-200 (Exposure of Sensitive Information to an Unauthorized Actor). The flaw resides in the user vaults component of Remote Desktop Manager, which is designed to segregate personal entries from shared organizational resources.
The vulnerability occurs during the entry editing workflow. When a user modifies an entry within their private user vault, under certain conditions the application incorrectly reassigns the entry's vault association. This causes the entry to be moved from the private user vault to a shared vault, breaking the expected isolation between user-owned data and shared resources.
Root Cause
The root cause stems from improper handling of vault associations during entry modification operations. The application fails to maintain proper ownership and vault boundary constraints when processing edits to user vault entries. This results in an unintended state change that relocates private entries to shared storage locations where other authenticated users have access.
Attack Vector
The attack vector is network-based and requires user interaction. An attacker would need to be an authenticated user within the same Remote Desktop Manager environment. The exploitation scenario involves:
- A victim user creates sensitive entries in their private user vault
- The victim edits one of their private vault entries
- Under specific circumstances, the entry is inadvertently moved to a shared vault
- The attacker, as another authenticated user, can now access the victim's previously private information
This vulnerability does not require direct attacker action to trigger the exposure—the victim's normal usage patterns can inadvertently expose their data. The attacker simply needs to monitor shared vaults for newly accessible entries.
Detection Methods for CVE-2025-5334
Indicators of Compromise
- Unexpected entries appearing in shared vaults that were not intentionally shared by their owners
- Audit log entries showing vault assignment changes during edit operations
- Users reporting that their private entries are visible to other team members
- Increased access to entries by users who should not have permission to view them
Detection Strategies
- Review Remote Desktop Manager audit logs for vault reassignment events occurring during entry edits
- Monitor for anomalous access patterns where users are viewing entries they did not create
- Implement alerts for any vault migration events that were not explicitly initiated by administrators
- Conduct periodic reviews of shared vault contents to identify potentially misplaced private entries
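The audit-log review described in the detection strategies and indicators above can be scripted. The following is an added example, not code from Devolutions or from this advisory. The CSV columns, the "user:"/"shared:" vault prefixes and the sample rows are assumptions built for illustration; map them to whatever your audit export actually provides.

```python
import csv
import io
from datetime import datetime

# Constructed sample export. The column names and the "user:"/"shared:" vault
# prefixes are assumptions for illustration, not Remote Desktop Manager's schema.
SAMPLE_LOG = """\
timestamp,user,action,entry_id,owner,vault_before,vault_after
2025-05-20T09:00:00,alice,edit,e-101,alice,user:alice,user:alice
2025-05-20T09:05:00,alice,edit,e-102,alice,user:alice,shared:ops
2025-05-20T09:30:00,bob,view,e-102,alice,shared:ops,shared:ops
2025-05-20T10:00:00,carol,move,e-200,carol,user:carol,shared:ops
2025-05-20T10:10:00,dave,view,e-200,carol,shared:ops,shared:ops
2025-05-20T11:00:00,alice,view,e-102,alice,shared:ops,shared:ops
2025-05-20T12:00:00,erin,view,e-102,alice,shared:ops,shared:ops
2025-05-21T08:00:00,alice,move,e-102,alice,shared:ops,user:alice
2025-05-21T09:00:00,alice,edit,e-103,alice,user:alice,shared:ops
"""

def load_events(text):
    """Parse the CSV export and return events in chronological order."""
    rows = list(csv.DictReader(io.StringIO(text)))
    for row in rows:
        row["timestamp"] = datetime.fromisoformat(row["timestamp"])
    return sorted(rows, key=lambda row: row["timestamp"])

def find_exposures(events):
    """Flag owner edits that moved an entry from a user vault to a shared vault,
    then collect non-owner views until the entry returns to a user vault."""
    exposed = {}      # entry_id -> finding whose exposure window is still open
    findings = []
    for ev in events:
        eid, before, after = ev["entry_id"], ev["vault_before"], ev["vault_after"]
        if (ev["action"] == "edit" and ev["user"] == ev["owner"]
                and before.startswith("user:") and after.startswith("shared:")):
            finding = {"entry_id": eid, "owner": ev["owner"], "viewers": set(),
                       "moved_at": ev["timestamp"], "shared_vault": after}
            exposed[eid] = finding
            findings.append(finding)
        elif eid in exposed:
            if after.startswith("user:"):
                del exposed[eid]          # moved back: exposure window closed
            elif ev["action"] == "view" and ev["user"] != ev["owner"]:
                exposed[eid]["viewers"].add(ev["user"])
    return findings

if __name__ == "__main__":
    print(find_exposures(load_events(SAMPLE_LOG)))
```

Explicit `move` actions (such as the `e-200` row) are treated as intentional sharing and are not flagged. The `viewers` set for each finding lists the accounts whose access to that entry should be reviewed.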
Monitoring Recommendations
- Enable comprehensive audit logging for all vault operations within Remote Desktop Manager
- Configure alerts for vault assignment changes that occur as side effects of edit operations
- Establish baseline behavior for vault entry movements and flag deviations
- Review access logs for sensitive entries to identify unauthorized viewing patterns
How to Mitigate CVE-2025-5334
Immediate Actions Required
- Update Remote Desktop Manager to the latest available version on all platforms (Windows, macOS, Android, iOS)
- Audit shared vaults for any entries that may have been unintentionally exposed
- Notify users to review their private vault contents and verify no entries have been moved
- Temporarily restrict editing of sensitive entries until patches are applied
Patch Information
Devolutions has released security updates addressing this vulnerability. Organizations should update to versions newer than:
- Windows: 2025.1.34.0
- macOS: 2025.1.16.3
- Android: 2025.1.3.3
- iOS: 2025.1.6.0
For detailed patch information and download links, refer to the Devolutions Security Advisory DEVO-2025-0009.
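To check a fleet against the thresholds listed above, compare versions numerically per component; a plain string comparison ranks `2025.1.9.0` above `2025.1.34.0`. The following is an added example, not vendor tooling. The inventory rows, host names and function names are constructed for illustration; only the four threshold versions come from this advisory.

```python
# Highest affected version per platform, taken from the advisory text above.
LAST_AFFECTED = {
    "windows": "2025.1.34.0",
    "macos": "2025.1.16.3",
    "android": "2025.1.3.3",
    "ios": "2025.1.6.0",
}

def parse_version(text):
    """Turn '2025.1.34.0' into (2025, 1, 34, 0) so parts compare numerically."""
    return tuple(int(part) for part in text.strip().split("."))

def status(platform, installed):
    """Classify one installation as vulnerable, patched, or needing manual review."""
    limit = LAST_AFFECTED.get(platform.lower())
    if limit is None:
        return "unknown-platform"      # platform not listed in the advisory
    try:
        version = parse_version(installed)
    except ValueError:
        return "unparseable"           # do not silently treat as patched
    return "vulnerable" if version <= parse_version(limit) else "patched"

def triage(inventory):
    """inventory: iterable of (host, platform, version); returns rows needing action."""
    return [(host, platform, version, state)
            for host, platform, version in inventory
            if (state := status(platform, version)) != "patched"]

# Constructed inventory; host names and installed versions are sample values.
INVENTORY = [
    ("ws-01", "Windows", "2025.1.34.0"),   # equal to the threshold: still affected
    ("ws-02", "Windows", "2025.1.9.0"),    # 9 < 34 numerically
    ("ws-03", "Windows", "2025.2.1.0"),
    ("mac-01", "macOS", "2025.1.16.3"),
    ("ph-01", "iOS", "2025.1.7.0"),
    ("lx-01", "Linux", "2025.1.1.0"),
    ("ph-02", "Android", "beta"),
]

if __name__ == "__main__":
    for row in triage(INVENTORY):
        print(*row)
```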
Workarounds
- Avoid editing sensitive entries in user vaults until the patch is applied
- Temporarily move critical credentials to alternative secure storage solutions
- Implement additional access controls on shared vaults to limit potential exposure
- Conduct regular audits of vault contents to quickly identify and remediate any exposed entries
- Consider temporarily restricting user vault functionality to read-only mode until updates are deployed
Post-update verification steps
1. Verify the Remote Desktop Manager version after the update
   - Windows: Help > About, or check the installed program version
   - macOS: Remote Desktop Manager > About Remote Desktop Manager
2. Audit shared vaults for potentially exposed entries
   - Review entries in shared vaults and compare against expected contents
   - Contact entry owners to verify intentional sharing
3. Review audit logs for recent vault changes
   - Check for any vault assignment changes that occurred before the patch

