CVE-2025-8312

Summary

Deadlock in PAM automatic check-in feature in Devolutions Server allows a password to remain valid beyond the end of its intended check-out period due to a deadlock occurring in the scheduling service.This issue affects the following version(s) :

Devolutions Server 2025.2.2.0 through 2025.2.5.0

  • Devolutions Server 2025.1.12.0 and earlier

Affected Software

VendorProductVersion RangeStatus
DevolutionsServer2025.2.2.0 <= 2025.2.5.0affected
DevolutionsServer0 <= 2025.1.13.0affected

Weaknesses

  • CWE-833: CWE-833: Deadlock

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References