Devolutions Server, Improper Privilege Assignment, CVE-2025-4493 (Critical)


How CVE-2025-4493 Works

The vulnerability stems from improper privilege assignment in PAM JIT (Just-In-Time) privilege sets in Devolutions Server. Because of a user-interface flaw, a PAM user can bypass the intended restrictions and submit JIT requests for groups they are not authorized to use. The server fails to validate group permissions properly during privilege elevation, so an attacker can escalate privileges beyond their assigned scope. The issue affects Devolutions Server versions 2025.1.3.0 through 2025.1.7.0 and all versions prior to 2024.3.15.0.
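The following is an added, constructed example (not Devolutions code, and not the product's real API or data model) of the pattern the description points at: a JIT request handler that enforces the requester's allowed-group list on the server rather than relying on the UI to hide unauthorized groups, plus an audit pass that flags any grant outside a user's profile.

```python
# Constructed model of a JIT privilege request path (not Devolutions code): the
# group check the advisory says was left to the UI is enforced server-side, and
# an audit pass flags grants that escaped it. Names and data are hypothetical.
from dataclasses import dataclass, field
from typing import Dict, FrozenSet, List, Tuple

class AuthorizationError(Exception):
    pass

@dataclass
class PamUser:
    name: str
    jit_groups: FrozenSet[str]  # groups this user may request JIT on

@dataclass
class JitService:
    privilege_groups: FrozenSet[str]
    users: Dict[str, PamUser]
    # False models the flaw: the server trusts that the UI only offered the
    # user groups they were entitled to, so a crafted request is not re-checked.
    enforce_server_side: bool = True
    audit_log: List[Tuple[str, str, str]] = field(default_factory=list)

    def request(self, user: str, group: str) -> bool:
        profile = self.users.get(user)
        if profile is None or group not in self.privilege_groups:
            self.audit_log.append((user, group, "rejected"))
            return False
        if self.enforce_server_side and group not in profile.jit_groups:
            self.audit_log.append((user, group, "denied"))
            raise AuthorizationError(f"{user} is not entitled to JIT on {group}")
        self.audit_log.append((user, group, "granted"))
        return True

    def out_of_scope_grants(self) -> List[Tuple[str, str]]:
        """Audit check: grants for groups outside the requester's profile."""
        return [(u, g) for u, g, result in self.audit_log
                if result == "granted" and g not in self.users[u].jit_groups]

def build_service(enforce: bool) -> JitService:
    # Constructed sample data, not real configuration.
    groups = frozenset({"helpdesk-jit", "db-admins", "domain-admins"})
    users = {"alice": PamUser("alice", frozenset({"helpdesk-jit"}))}
    return JitService(groups, users, enforce_server_side=enforce)

if __name__ == "__main__":
    flawed = build_service(enforce=False)
    flawed.request("alice", "domain-admins")  # silently granted
    print("out-of-scope grants:", flawed.out_of_scope_grants())
    fixed = build_service(enforce=True)
    print("hardened, in-scope request:", fixed.request("alice", "helpdesk-jit"))
```

The `out_of_scope_grants` pass is the kind of check to run over real JIT grant records after patching, to find elevations that should never have been approved.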

DailyCVE Form

Platform: Devolutions Server
Version: 2025.1.3.0-2025.1.7.0
Vulnerability: Privilege Escalation
Severity: Critical
Date: 06/25/2025

Prediction: Patch by 07/15/2025

What Undercode Says

Check PAM JIT group assignments
pam_jit_validate --audit
Exploit PoC (for research only)
curl -X POST -H "X-PAM-JIT-Request: true" http://target/api/jit_privilege

How It Is Exploited

Attackers can craft malicious API requests to bypass group-based access controls, granting unauthorized JIT privileges to restricted systems.

Protection from this CVE

  • Apply vendor patch
  • Restrict PAM JIT API access
  • Audit group permissions

Impact

Full privilege escalation, unauthorized access to protected systems.

Sources:

Reported By: nvd.nist.gov
Extra Source Hub:
Undercode

