Vulnerabilities

CVE-2025-4433

by Fred · 30/05/2025

Improper access control in user group management in Devolutions Server 2025.1.7.0 and earlier allows a non-administrative user with both “User Management” and “User Group Management” permissions to perform privilege escalation by adding users to groups with administrative privileges.

Assigner : security@devolutions.net

More information : https://devolutions.net/security/advisories/DEVO-2025-0010/

Similar

Tags: Cybersecurity Alert