CVE-2025-12485
HIGHDevolutions Server <=2025.2.15.0, 2025.3.2.0-2025.3.5.0 - Authenticated Account Impersonation via Pre-MFA Cookie Replay
Title source: llmDescription
Improper privilege management during pre-MFA cookie handling in Devolutions Server allows a low-privileged authenticated user to impersonate another account by replaying the pre-MFA cookie.This does not bypass the target account MFA verification step. This issue affects the following versions : * Devolutions Server 2025.3.2.0 through 2025.3.5.0 * Devolutions Server 2025.2.15.0 and earlier
References (1)
Core 1
Core References
Vendor Advisory
https://devolutions.net/security/advisories/DEVO-2025-0016
Scores
CVSS v3
8.8
EPSS
0.0059
EPSS Percentile
43.3%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
total
Details
CWE
CWE-269
Status
published
Products (1)
devolutions/devolutions_server
< 2025.2.17.0
Published
Nov 06, 2025
Tracked Since
Feb 18, 2026