CVE-2026-0747 is a security vulnerability identified in Devolutions Remote Desktop Manager (RDM) versions 2025.3.24.0 through 2025.3.28.0 on Windows platforms. The flaw resides in the TeamViewer entry dashboard component, where a defective password masking implementation allows sensitive credentials to be visible on screen. Specifically, the masking feature intended to obscure passwords fails, enabling an external observer—such as someone physically present near the user or connected via screen sharing software—to view passwords in clear text. This vulnerability is categorized under CWE-200, which concerns the exposure of sensitive information to unauthorized actors. The vulnerability does not require remote exploitation or authentication but depends on physical proximity or screen sharing access, limiting the attack vector. No CVSS score has been assigned yet, and no known exploits have been reported in the wild. The exposure of passwords can lead to unauthorized access to remote systems managed through RDM, potentially compromising confidentiality and integrity of organizational assets. The issue affects a narrow range of versions, and no official patches have been linked yet, indicating that remediation is pending. Organizations relying on RDM for remote desktop management, especially those integrating TeamViewer, should be aware of this risk and take interim protective measures.

For European organizations, the exposure of passwords through this vulnerability could lead to unauthorized access to critical remote systems, potentially resulting in data breaches, lateral movement within networks, and disruption of business operations. The risk is heightened in environments where screen sharing is common, such as remote work setups or IT support scenarios. Confidentiality is primarily impacted, as passwords may be disclosed to unauthorized viewers. Integrity and availability impacts are secondary but possible if attackers leverage exposed credentials to manipulate or disrupt systems. The vulnerability's reliance on physical or screen sharing observation limits large-scale remote exploitation but does not eliminate risk in hybrid or remote work environments prevalent across Europe. Organizations handling sensitive data or critical infrastructure are particularly vulnerable to the consequences of credential exposure. The absence of known exploits reduces immediate threat but does not preclude targeted attacks. Overall, the impact is moderate but significant enough to warrant prompt attention.

1. Monitor Devolutions communications for official patches addressing CVE-2026-0747 and apply updates promptly once available. 2. Until patched, restrict physical access to devices running affected RDM versions to trusted personnel only. 3. Limit or control screen sharing sessions, ensuring they occur only with authorized participants and using secure, encrypted channels. 4. Educate users about the risk of password exposure during screen sharing and physical observation, emphasizing vigilance. 5. Implement multi-factor authentication (MFA) on remote systems accessed via RDM to reduce the impact of credential exposure. 6. Review and audit remote access logs for unusual activity that may indicate misuse of exposed credentials. 7. Consider temporary alternative remote desktop management tools without this vulnerability if patching is delayed. 8. Enforce strict endpoint security policies, including screen privacy filters and session timeout settings to minimize exposure windows.