Unrated severityNVD Advisory· Published May 30, 2025· Updated Nov 25, 2025
CVE-2025-4433
CVE-2025-4433
Description
Improper access control in user group management in Devolutions Server 2025.1.7.0 and earlier allows a non-administrative user with both "User Management" and "User Group Management" permissions to perform privilege escalation by adding users to groups with administrative privileges.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: <=2025.1.7.0
- Devolutions/Serverv5Range: 0
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.