Devolutions Server has been found vulnerable to a critical security flaw that allows low-privileged authenticated users to impersonate other accounts by replaying pre-MFA cookies.  The vulnerability, identified as CVE-2025-12485, carries a critical CVSS score of 9.4 and affects all versions up to 2025.3.5. The company has released patches to address this and a second vulnerability […]

The post Devolutions Server Flaw Allows Attackers to Impersonate Users via Pre-MFA Cookie appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Divya

Source: gbHackers
Source Link: https://gbhackers.com/devolutions-server-flaw/