CVE-2025-4433 Information
May 31, 2025
cve
Description
Improper access control in user group management in Devolutions Server 2025.1.7.0 and earlier allows a non-administrative user with both �ser Management\ and �ser Group Management\ permissions to perform privilege escalation by adding users to groups with administrative privileges.
Reference
https://devolutions.net/security/advisories/DEVO-2025-0010/
Share on: