Volerion logoVolerion
Volerion logoVolerion

Devolutions Server Permission Cache Poisoning Vulnerability Allowing Authorization Bypass

Vulnerability

A permission cache poisoning vulnerability in Devolutions Server allows authenticated users to bypass permissions and access restricted entries. This issue affects Devolutions Server versions prior to 2025.3.15.

Impact

Exploitation of this vulnerability allows for unauthorized access to entries by bypassing established permissions.

Remediation

Users are advised to upgrade to Devolutions Server version 2025.3.15.

Added: Feb 24, 2026, 8:35 PM
Updated: Feb 24, 2026, 10:02 PM

Vulnerability Rating

Custom Algorithm
spread
3.1
impact
3.1
exploitability
5.2
remediation
7.7
relevance
3.1
threat
0.0
urgency
2.9
incentive
0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.