CVE-2025-13758

3.5 LOW

📋 TL;DR

Devolutions Server versions through 2025.2.20 and 2025.3.8 expose credentials in unintended requests, potentially leaking sensitive authentication data. This affects all users running vulnerable versions of Devolutions Server, a privileged access management solution.

💻 Affected Systems

Products:
  • Devolutions Server
Versions: through 2025.2.20, through 2025.3.8
Operating Systems: Windows, Linux
Default Config Vulnerable: ⚠️ Yes
Notes: All deployments of affected versions are vulnerable regardless of configuration.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Attackers could intercept or capture credentials, leading to unauthorized access to the Devolutions Server and potentially all managed systems and credentials stored within it.

🟠 Likely Case

Credential exposure through network traffic analysis or man-in-the-middle attacks, compromising individual user accounts or specific managed assets.

🟢 If Mitigated

Limited credential exposure with proper network segmentation and monitoring, potentially only affecting isolated systems.

🌐 Internet-Facing: MEDIUM
🏢 Internal Only: LOW

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires network access and ability to intercept or analyze requests. No public exploit code available at this time.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 2025.2.21 or 2025.3.9

Vendor Advisory: https://devolutions.net/security/advisories/DEVO-2025-0018/

Restart Required: Yes

Instructions:

1. Download latest version from Devolutions website.
2. Backup current installation.
3. Run installer to upgrade.
4. Restart Devolutions Server service.

🔧 Temporary Workarounds

Network Segmentation (all platforms)

Restrict network access to Devolutions Server to trusted networks only

TLS Enforcement (all platforms)

Ensure all communications with Devolutions Server use TLS encryption

🧯 If You Can't Patch

  • Isolate Devolutions Server from untrusted networks
  • Implement strict network monitoring for credential leakage

🔍 How to Verify

Check if Vulnerable:

Check Devolutions Server version in web interface or configuration files

Check Version:

Check web interface or examine server configuration files

Verify Fix Applied:

Verify version is 2025.2.21 or higher, or 2025.3.9 or higher
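A plain "higher than 2025.2.21" comparison would pass a 2025.3.5 install, which is still inside the affected 2025.3 range, so the check has to be made per release branch. The script below is an added example, not Devolutions code: it assumes version strings of the form `YYYY.M.P` with an optional fourth build field, assumes branches newer than 2025.3 carry the fix, and uses a constructed host inventory.

```python
import re

# Fixed patch level per release branch, from the "Patch Version" line above.
FIXED = {(2025, 2): 21, (2025, 3): 9}
OLDEST_FIXED_BRANCH = min(FIXED)


def parse_version(text):
    """Parse 'YYYY.M.P' or 'YYYY.M.P.B' (assumed format) into four ints."""
    m = re.fullmatch(r"\s*v?(\d{4})\.(\d+)\.(\d+)(?:\.(\d+))?\s*", text)
    if not m:
        raise ValueError(f"unrecognised version string: {text!r}")
    return tuple(int(g) for g in m.groups(default="0"))


def classify(text):
    """Return 'vulnerable', 'fixed' or 'assumed-fixed' for one version."""
    year, minor, patch, _build = parse_version(text)
    branch = (year, minor)
    if branch in FIXED:
        return "fixed" if patch >= FIXED[branch] else "vulnerable"
    if branch < OLDEST_FIXED_BRANCH:
        # "through 2025.2.20" also covers every earlier branch.
        return "vulnerable"
    # Assumption: branches after 2025.3 include the fix; confirm against
    # the vendor advisory before relying on this result.
    return "assumed-fixed"


def needs_upgrade(inventory):
    """Return the hosts (sorted) whose reported version is vulnerable."""
    return sorted(h for h, v in inventory.items() if classify(v) == "vulnerable")


# Constructed sample inventory: hostname -> version read from the web interface.
SAMPLE_INVENTORY = {
    "dvls-prod-01": "2025.2.20.0",
    "dvls-prod-02": "2025.2.21.0",
    "dvls-dr-01": "2025.3.5.0",   # newer branch, but below 2025.3.9
    "dvls-lab-01": "2025.3.9.0",
    "dvls-old-01": "2025.1.7.0",
}

if __name__ == "__main__":
    for host in needs_upgrade(SAMPLE_INVENTORY):
        print(f"{host}: {SAMPLE_INVENTORY[host]} is in the affected range")
```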

📡 Detection & Monitoring

Log Indicators:

  • Unusual authentication patterns
  • Multiple failed login attempts from single source

Network Indicators:

  • Unencrypted credential transmission
  • Suspicious outbound connections

SIEM Query:

source="devolutions-server" AND (event_type="authentication" OR event_type="credential")
