Recent Vulnerabilities in Devolutions Server: What You Need to Know
Organizations relying on Devolutions Server for managing privileged accounts and sensitive authentication data are facing a series of newly identified vulnerabilities. These weaknesses could significantly compromise data integrity and security.
Overview of the Security Advisory
Devolutions has issued a security advisory, marked as DEVO-2025-0018, highlighting multiple vulnerabilities within its platform. Among these, a critical issue stands out, allowing unauthorized access to confidential data stored in the system’s database.
The advisory indicates that several versions of Devolutions Server—specifically 2025.2.20 and earlier, as well as 2025.3.8 and earlier—are susceptible to these vulnerabilities.
A Critical SQL Injection Flaw
The most alarming vulnerability (rated 9.4 out of 10 on the CVSS 4.0 scale) pertains to SQL injection found in the platform’s “last usage logs.” This flaw arises from how the system sorts usage history via a parameter called DateSortField. Due to insufficient validation of user input, an authenticated user could exploit this weakness to inject malicious SQL commands into the database.
This vulnerability, cataloged as CVE-2025-13757, enables an attacker to extract or alter sensitive information, posing a grave risk particularly for environments where critical credentials and access keys are stored. Its potential to expose sensitive data makes it one of the most serious vulnerabilities reported for Devolutions Server. The flaw was discovered by JaGoTu from DCIT a.s.
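A sort-field parameter is a classic injection point because SQL bind parameters cannot carry identifiers, so "sort by" code paths often splice the caller's value into the ORDER BY clause. The following is an added example, written for this article and not code from Devolutions or the advisory: it shows that vulnerable pattern beside the allowlist-based fix, run against a constructed in-memory SQLite table. The table schema, column names and the API sort keys (lastUsed, entryName, user) are assumptions for illustration.

```python
import sqlite3

# Allowlist mapping the API's sort-field names to real column names.
# Names and schema are constructed for this example; they are not Devolutions' own.
SORT_FIELDS = {
    "lastUsed": "used_at",
    "entryName": "entry_name",
    "user": "username",
}

# Constructed sample "last usage" rows for the in-memory database below.
SAMPLE_ROWS = [
    ("vpn-gateway", "alice", "2025-11-02T09:15:00"),
    ("db-admin", "bob", "2025-11-01T17:40:00"),
    ("backup-share", "alice", "2025-11-03T08:05:00"),
]


def build_order_by_unsafe(sort_field: str) -> str:
    # Vulnerable pattern: the caller's value is spliced straight into the SQL text.
    # Nothing here checks what sort_field contains, so whatever the client sends
    # becomes part of the statement the database parses.
    return f"SELECT entry_name, username, used_at FROM usage_log ORDER BY {sort_field}"


def build_order_by_safe(sort_field: str, descending: bool = False) -> str:
    # Hardened pattern: only an allowlisted key is accepted, and it is replaced by
    # a developer-controlled column name; the direction is likewise a fixed literal.
    column = SORT_FIELDS.get(sort_field)
    if column is None:
        raise ValueError(f"unsupported sort field: {sort_field!r}")
    direction = "DESC" if descending else "ASC"
    return f"SELECT entry_name, username, used_at FROM usage_log ORDER BY {column} {direction}"


def make_sample_db() -> sqlite3.Connection:
    # Constructed in-memory table standing in for a "last usage log".
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE usage_log (entry_name TEXT, username TEXT, used_at TEXT)")
    conn.executemany("INSERT INTO usage_log VALUES (?, ?, ?)", SAMPLE_ROWS)
    return conn


def fetch_usage(conn: sqlite3.Connection, sort_field: str, descending: bool = False) -> list:
    # Only the hardened builder is ever used to produce a statement that runs.
    return conn.execute(build_order_by_safe(sort_field, descending)).fetchall()


if __name__ == "__main__":
    conn = make_sample_db()
    for row in fetch_usage(conn, "lastUsed", descending=True):
        print(row)
```

The point of the allowlist is that the client's string never reaches the database at all: it is only ever used as a dictionary key, and an unknown key fails closed with an error rather than being passed through. Logging that rejection gives defenders a cheap detection signal for probing of sort parameters.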
Additional Medium-Severity Vulnerabilities
In addition to the critical SQL injection issue, researchers identified two other vulnerabilities classified as medium severity—CVE-2025-13758 and CVE-2025-13765. While these are less critical, they still pose a real threat to organizations that maintain strict data confidentiality.
CVE-2025-13758: Leakage of Credentials
The first medium-severity vulnerability relates to certain entry types that improperly expose passwords in initial requests for general item information. Typically, credentials should only be accessed through a secure /sensitive-data request. In this case, however, some entries prematurely leaked credential information, increasing the risk of unauthorized disclosure. This issue carries a CVSS score of 5.1 and affects the same product versions noted in the advisory.
CVE-2025-13765: Flawed Access Control in Email Service Configuration
The second vulnerability, rated at 4.9 on the CVSS scale, involves improper access controls in the email service configuration API. Users lacking administrative privileges could still access email service passwords if multiple services were set up, undermining the platform’s intended access control measures. Both vulnerabilities are also credited to JaGoTu from DCIT a.s.
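Both medium-severity issues are the same class of defect: a secret reaches a response that was never meant to carry it, either because a general-information serializer does not strip it for every entry type, or because an authorization check is not applied to every item in a list. The following is an added example, written for this article and not Devolutions' code or data model: a general item summary that strips secret fields regardless of entry type, a separate sensitive-data accessor with an explicit per-entry authorization check, an email-service listing that applies the admin check per service, and a payload walker that can serve as a response filter or regression test for endpoints that must never return secrets. All class, field and user names are constructed assumptions.

```python
from dataclasses import asdict, dataclass, field
from typing import Any

# Field names that must never appear in a general "item information" response.
# Model and names are constructed for this example, not Devolutions' data model.
SECRET_FIELDS = {"password"}


@dataclass
class Entry:
    id: int
    name: str
    entry_type: str  # e.g. "credential" or "website"; the stripping rule applies to all types
    username: str
    password: str


@dataclass
class EmailService:
    id: int
    host: str
    password: str


@dataclass
class User:
    name: str
    is_admin: bool = False
    readable_secret_ids: set[int] = field(default_factory=set)


def entry_summary(entry: Entry) -> dict[str, Any]:
    """General item information: strip secret fields regardless of entry type."""
    data = asdict(entry)
    for key in SECRET_FIELDS:
        data.pop(key, None)
    return data


def entry_sensitive_data(entry: Entry, user: User) -> dict[str, str]:
    """The separate sensitive-data request: an explicit per-entry authorization check."""
    if not (user.is_admin or entry.id in user.readable_secret_ids):
        raise PermissionError(f"{user.name} may not read secrets of entry {entry.id}")
    return {"password": entry.password}


def email_services_view(services: list[EmailService], user: User) -> list[dict[str, Any]]:
    """Email configuration API: the admin check runs for every service in the list,
    so the outcome does not depend on how many services are configured."""
    out = []
    for svc in services:
        data = asdict(svc)
        if not user.is_admin:
            data.pop("password")
        out.append(data)
    return out


def find_secret_keys(payload: Any, path: str = "") -> list[str]:
    """Walk a response payload and return the paths of any secret-named keys.
    Usable as an outbound response filter or as a regression test for general-info endpoints."""
    found: list[str] = []
    if isinstance(payload, dict):
        for key, value in payload.items():
            child = f"{path}.{key}" if path else key
            if key in SECRET_FIELDS:
                found.append(child)
            found.extend(find_secret_keys(value, child))
    elif isinstance(payload, list):
        for i, value in enumerate(payload):
            found.extend(find_secret_keys(value, f"{path}[{i}]"))
    return found
```

The design choice worth noting is that secrecy is enforced on the serializer side, not the caller side: the general summary cannot return a password even if a new entry type is added later, and the only path to a secret is a function whose first statement is the authorization check. Wiring find_secret_keys into an integration test for every non-sensitive endpoint catches the regression class behind CVE-2025-13758 and CVE-2025-13765 before release.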
Immediate Action Required: Updates and Remediation
To mitigate these vulnerabilities, Devolutions strongly urges customers to implement the latest security updates without delay. The recommended versions for Devolutions Server are:
- Version 2025.2.21 or higher
- Version 2025.3.9 or higher
The urgency of applying these patches cannot be overstated. Failure to do so leaves organizations vulnerable to SQL injection attacks, unauthorized exposure of credentials, and lapses in access control.
Taken together, CVE-2025-13757, CVE-2025-13758, and CVE-2025-13765 underline the necessity of immediate patching across affected systems. Left unresolved, they can lead to significant breaches of confidentiality and to operational risk.
Organizations are advised to not only apply the necessary updates promptly but also to enhance their vulnerability monitoring efforts. Tools like Cyble, which provide real-time intelligence on vulnerabilities, can assist security teams in identifying potential threats sooner, thereby reducing exposure.
Stay Proactive in Security
To keep your organization safe, identify potential vulnerabilities before they can be exploited. Consider booking a personalized demo with Cyble for real-time visibility into critical risks and high-impact threats that may threaten your enterprise.