Devolutions Server Vulnerability

Source: Cyber Security News

A severe vulnerability in Devolutions Server, tracked as CVE-2025-12485, allows an attacker who already holds low-privileged access to impersonate other users by abusing how the application handles pre-MFA authentication cookies. The root cause is improper privilege management in the cookie handling that takes place before the multi-factor step: the cookie issued after the password check can be captured or replayed so that whoever presents it is treated as the user it was issued for. The flaw does not bypass MFA outright, but it undermines the first stage of authentication and opens a path to another user's data and, where that user is privileged, to administrative actions.
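The article does not publish the exact code path behind CVE-2025-12485, so the following is an added illustration of the defect class it describes rather than Devolutions' own code: a two-stage login where the pre-MFA cookie is the same value that later becomes the authenticated session, contrasted with a design that issues a distinct, single-use, user-bound pre-MFA token and mints a fresh cookie only after MFA succeeds. The accounts, passwords, static MFA codes and class names are constructed for the demo and stand in for a real TOTP or WebAuthn check.

```python
import hmac
import secrets
import time

# Constructed demo accounts. The "mfa_code" is a static per-user secret here,
# standing in for a real second factor; this is illustration, not product code.
USERS = {
    "alice": {"password": "alice-pw", "mfa_code": "111111", "role": "admin"},
    "bob":   {"password": "bob-pw",   "mfa_code": "222222", "role": "user"},
}


def _check_password(user, password):
    rec = USERS.get(user)
    return rec is not None and hmac.compare_digest(rec["password"], password)


def _check_mfa(user, code):
    return hmac.compare_digest(USERS[user]["mfa_code"], code)


class WeakAuth:
    """One cookie for the whole flow: issued after the password check, then
    upgraded to a full session *in place* when MFA succeeds. Anyone who captured
    the cookie value before MFA holds a fully authenticated session afterwards."""

    def __init__(self):
        self.sessions = {}

    def login(self, user, password):
        if not _check_password(user, password):
            return None
        cookie = secrets.token_urlsafe(32)
        self.sessions[cookie] = {"user": user, "mfa_done": False}
        return cookie

    def complete_mfa(self, cookie, code):
        s = self.sessions.get(cookie)
        if s is None or not _check_mfa(s["user"], code):
            return False
        s["mfa_done"] = True        # privilege raised on the SAME cookie value
        return True

    def whoami(self, cookie):
        s = self.sessions.get(cookie)
        return s["user"] if s and s["mfa_done"] else None


class HardenedAuth:
    """Distinct pre-MFA token: bound to one user, short-lived, single-use, and
    never consulted by authenticated endpoints. A fresh session cookie is minted
    only when MFA succeeds, so a captured pre-MFA token grants nothing before the
    legitimate user finishes login and is dead afterwards."""

    PENDING_TTL = 120  # seconds a pre-MFA token stays valid (assumed value)

    def __init__(self, now=time.time):
        self.pending = {}
        self.sessions = {}
        self.now = now

    def login(self, user, password):
        if not _check_password(user, password):
            return None
        token = secrets.token_urlsafe(32)
        self.pending[token] = {"user": user, "exp": self.now() + self.PENDING_TTL}
        return token

    def complete_mfa(self, token, code):
        p = self.pending.pop(token, None)   # single use, whatever happens next
        if p is None or self.now() > p["exp"] or not _check_mfa(p["user"], code):
            return None
        cookie = secrets.token_urlsafe(32)  # new value, never exposed pre-MFA
        self.sessions[cookie] = {"user": p["user"]}
        return cookie

    def whoami(self, cookie):
        s = self.sessions.get(cookie)       # pending tokens are never a session
        return s["user"] if s else None


def replay_demo():
    """Attacker captures alice's pre-MFA cookie, alice then finishes MFA, and the
    attacker replays the captured value. Returns (weak, hardened, real_session)."""
    weak = WeakAuth()
    stolen = weak.login("alice", "alice-pw")
    weak.complete_mfa(stolen, "111111")     # alice completes MFA normally
    weak_result = weak.whoami(stolen)       # attacker's copy now says "alice"

    hard = HardenedAuth()
    stolen = hard.login("alice", "alice-pw")
    real = hard.complete_mfa(stolen, "111111")
    hard_result = hard.whoami(stolen)       # None: pre-MFA token is not a session
    return weak_result, hard_result, hard.whoami(real)


if __name__ == "__main__":
    print(replay_demo())                    # ('alice', None, 'alice')
```

The point of the hardened variant is that the cookie an attacker can see before MFA carries no authenticated privilege and cannot be converted into any: it is consumed on first use, expires on its own, and the post-MFA session is a value that never existed pre-MFA. Whatever the real root cause in Devolutions Server, upgrading to the vendor's fixed build is the remediation; this model only shows what "privilege management before MFA" has to get right.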

The vulnerability carries a CVSS score of 9.4 (critical), reflecting its impact on confidentiality, integrity and availability. Devolutions Server is widely used for centralized credential management, which makes the flaw especially dangerous: impersonating a privileged user can expose stored credentials and enable lateral movement across the network. Devolutions has released security updates; organizations should upgrade immediately and review access logs for signs that pre-MFA cookies were reused or that sessions appeared under unexpected user identities.

👉 Read the original: Cyber Security News