Vulnerability Database

299,038

Total vulnerabilities in the database

CVE-2025-4433

Improper access control in user group management in Devolutions Server 2025.1.7.0 and earlier allows a non-administrative user with both "User Management" and "User Group Management" permissions to perform privilege escalation by adding users to groups with administrative privileges.

  • Published: May 30, 2025
  • Updated: May 31, 2025
  • CVE: CVE-2025-4433
  • Exploit:

No technical information available.

No CWE or OWASP classifications available.

Software From Fixed in
devolutions / devolutions_server - 2025.1.9.0