Devolutions Server has been found vulnerable to a critical security flaw that allows low-privileged authenticated users to impersonate other accounts by replaying pre-MFA cookies. The vulnerability, identified as CVE-2025-12485, carries a critical CVSS score of 9.4 and affects all versions up to 2025.3.5. The company has released patches to address this and a second vulnerability […] The post Devolutions Server Flaw Allows Attackers to Impersonate Users via Pre-MFA Cookie appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
First seen on gbhackers.com
Jump to article: gbhackers.com/devolutions-server-flaw/
