CVEs-PoC/2025/CVE-2025-2562.md

CVE-2025-2562

Description

Insufficient logging in the autotyping feature in Devolutions Remote Desktop Manager on Windows allows an authenticated user to use a stored password without generating a corresponding log event, via the use of the autotyping functionality.This issue affects Remote Desktop Manager versions from 2025.1.24 through 2025.1.25, and all versions up to 2024.3.29.

POC

Reference

• https://devolutions.net/security/advisories/DEVO-2025-0005/

Github

No PoCs found on GitHub currently.