CVE-2025-49825

Summary

Teleport provides connectivity, authentication, access controls and audit for infrastructure. Community Edition versions before and including 17.5.1 are vulnerable to remote authentication bypass. At time of posting, there is no available open-source patch.

Affected Software

VendorProductVersion RangeStatus
gravitationalteleport<= 17.5.1affected
gravitationalteleport<= 0.0.0-20250616162021-79b2f26125a1affected

Weaknesses

  • CWE-863: CWE-863: Incorrect Authorization

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: total

References