CVE-2025-8312 | THREATINT

Description

Deadlock in PAM automatic check-in feature in Devolutions Server allows a password to remain valid beyond the end of its intended check-out period due to a deadlock occurring in the scheduling service.This issue affects the following version(s) : * Devolutions Server 2025.2.2.0 through 2025.2.5.0 * Devolutions Server 2025.1.12.0 and earlier

PUBLISHED Reserved 2025-07-29 | Published 2025-07-30 | Updated 2025-08-19 | Assigner DEVOLUTIONS

Problem types

CWE-833: Deadlock

Product status

Default status

unaffected

2025.2.2.0 (custom)

affected

Any version

affected

References

devolutions.net/security/advisories/DEVO-2025-0013/

cve.org (CVE-2025-8312)

nvd.nist.gov (CVE-2025-8312)

Download JSON