CVE-2025-6741

CVSS 7.1 HIGHEPSS 0.4%CWE-284

Improper access control in secure message component in Devolutions Server allows an authenticated user to steal unauthorized entries via the secure message entry attachment feature This issue affects the following versions : * Devolutions Server 2025.2.2.0 through 2025.2.4.0 * Devolutions Server 2025.1.11.0 and earlier

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

Productos afectados

Devolutions · Server

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://devolutions.net/security/advisories/DEVO-2025-0012/