CVE-2026-2590 — ThreaTel

THREATEL Threat Intel

v0.1

CVE-2026-2590

CRIT 9.8

Published

2026-03-03

Last Modified

2026-03-05

Affected Apps

62

Affected Devices

61

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Improper enforcement of the Disable password saving in vaults setting in the connection entry component in Devolutions Remote Desktop Manager 2025.3.30 and earlier allows an authenticated user to persist credentials in vault entries, potentially exposing sensitive information to other users, by creating or editing certain connection types while password saving is disabled.

Affected Applications in Environment 62

Desktop v4.67.0 (4.67.0.5)

Desktop v4.44.3

Desktop v4.40.0

Desktop v4.41.2 (4.41.2.20)

Desktop v4.62.0 (4.62.0.11)

Desktop v4.63.0 (4.63.0.11)

Desktop v4.38.0

Desktop v4.66.0 (4.66.0.6)

Desktop v4.62.0.11

Desktop v4.37.1

Desktop v4.44.2.33

Desktop v4.39.0

Desktop v4.17.1

Desktop v4.59.0

Desktop v4.5.1.5

Desktop v4.26.1

Desktop v4.25.1

Desktop v4.33.1

Desktop v4.64.0 (4.64.0.4)

Desktop v4.60.1.12

Desktop v4.29.0

Desktop v4.5.1.74721

Desktop v4.67.0.5

Desktop v4.53.0 (4.52.0.4)

Desktop v4.65.0 (4.65.0.4)

Desktop v4.44.2

Desktop v4.50.0 (4.50.0.5)

Desktop v4.58.0.9

Desktop v4.40.0.17

Desktop v4.66.1 (4.66.1.8)

Desktop v4.27.2

Desktop v4.55.0.16

Desktop v4.55.0

Desktop v4.61.0 (4.61.0.14)

Desktop v4.43.2

Desktop v4.48.0

Desktop v2.0.0.3

Desktop v4.63.0

Desktop v4.44.3.41

Desktop v4.18.0

Desktop v4.62.0

Desktop v4.63.0.11

Desktop v4.59.0.11

Desktop v4.43.1

Desktop v4.67.0

Desktop v4.41.2

Desktop v4.60.1

Desktop v4.41.2.20

Desktop v4.49.0 (4.49.0.17)

Remote Desktop v1.2.6873.0

Remote Desktop v1.2.7046.0

Remote Desktop v1.2.5105.0

Remote Desktop v1.2.6676.0

Remote Desktop v1.2.6074.0

Remote Desktop v1.2.6353.0

Remote Desktop v1.2.6187.0

Remote Desktop Manager v2025.3.29.0

Remote Desktop Manager v2025.3.6.7

Affected Devices 61

AFROTC-HPENB-02 Windows AFROTC-HPENB-04 Windows AFROTC-HPENB-07 Windows ARMY-DABR-D3510 Windows ARMY-SORE-D5520 Windows ARMY-TGOO-D5520 Windows ARSUTLGU4FRRGEO Windows ASPIRE-170816 Windows DESKTOP-A27UL0P Windows DESKTOP-H4GPOR0 Windows DESKTOP-QO5C653 Windows DPAERO-2TK33905 Windows DPAERO-K02607L1 Windows DPAERO-K33905G3 Windows DPCONT-6QQ5853 Windows DPCONT-F4F0CY3 Windows DPCPD-8N0184227 Windows DPEBIE-5171H8C Windows DPEDUC-2UA71626 Windows DPEMAE-8232PP9 Windows DPENGR-HDJG664 Windows DPHSOB-1NXC094 Windows DPHSOB-31J1H13 Windows DPHSOB-3220NVS Windows DPINFT-5502005K Windows DPINFT-PF1TA1PH Windows DPMLSC-4LPWFF4 Windows DPTLTC-G414186D Windows DPUWRL-PF55KEY4 Windows DPUWRL-PF5C7SY3 Windows DPUWRL-PF5TGLWN Windows DPVPRS-73BXY44 Windows Dallins-MacBook-Pro-2.local Mac F-16 Mac HDTS171840 Windows HTTS171501 Windows JORDAN-YOGA-9I Windows LAPTOP-6UP13PGQ Windows LAPTOP-NLGVL17C Windows MURF-CLUNKER Windows RobertsMacbookPro.local Mac SSWA-ATEM-D9010 Windows TEAL-5CG3473FT0 Windows TROOPER2 Windows USULOAN340 Windows USULOAN429 Windows WIBCTE2108-02 Windows Zhiyuns-MacBook-Pro.local Mac a00288946-F6VM65M2H3 Mac a00295943-YF4WY76Q4D Mac a00957369-K6KVHY00C5 Mac a01513577-M7GJNF6XQR Mac a01841079-LK4T0Y7FP4 Mac a01875599-TY6TF9Y69L Mac a02273884-FYQGVQ1TFP Mac a02490072-PCVFY9PJV6 Mac adamthomas-H73N967GM2 Mac admin.integrations's iMac -H12CRHNTJV40 Mac ah-mbp.lan Mac ken-mpb16-LG9VYFY7QD Mac mdm-mbp16-5.local Mac

References 1

https://devolutions.net/security/advisories/DEVO-2026-0005