Teleport on Friday warned of a critical-severity vulnerability in the open source platform that may be exploited remotely to bypass standard authentication controls.
Teleport provides connectivity, authentication, and access control for servers and cloud applications. It supports protocols such as SSH, RDP, and HTTPS, and can be used with Kubernetes and various databases.
Tracked as CVE-2025-49825 (CVSS score of 9.8), the critical flaw may be exploited to bypass SSH authentication, allowing attackers to access Teleport-managed systems.
The issue impacts Teleport Community Edition versions up to 17.5.1 and was addressed with the release of Teleport versions 17.5.2, 16.5.12, 15.5.3, 14.4.1, 13.4.27, and 12.4.35.
Teleport notes that while the fixes have been automatically applied for its cloud customers, self-hosted Teleport agents must be updated as soon as possible. Teleport agents that have been automatically locked because they were running vulnerable software versions must be updated.
“All nodes must be upgraded to the patched version of Teleport that matches the major version of your cluster,” Teleport announced.
Agents running in Kubernetes must be configured with the teleport-kube-agent updater, and not teleport-update, Teleport said.
According to Fortinet, the vulnerability impacts all systems running Teleport SSH agents, OpenSSH-integrated deployments, and Teleport Git proxy setups.
“Currently, there is no public proof-of-concept exploit available, nor any evidence indicating that this vulnerability has been exploited in the wild,” Fortinet says.
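For triaging a self-hosted fleet against the patched releases listed above, the following is an added example (not Teleport's or Fortinet's code). It assumes you already have an inventory of agent version strings, reads "up to 17.5.1" as covering every earlier release, and uses constructed hostnames and versions.

```python
import re

# Patched releases per major version, as listed in the article above.
PATCHED = {17: (17, 5, 2), 16: (16, 5, 12), 15: (15, 5, 3),
           14: (14, 4, 1), 13: (13, 4, 27), 12: (12, 4, 35)}

_VERSION = re.compile(r"^v?(\d+)\.(\d+)\.(\d+)(-[0-9A-Za-z.-]+)?$")

def triage(version: str) -> str:
    """Classify one agent version string against the CVE-2025-49825 fixes."""
    m = _VERSION.match(version.strip())
    if not m:
        return "unparseable: check manually"
    parsed = tuple(int(x) for x in m.group(1, 2, 3))
    major = parsed[0]
    if major > max(PATCHED):
        return "not in affected range"
    if major not in PATCHED:
        # Affected per "up to 17.5.1", but the article lists no fix here.
        return "vulnerable: no patched release listed for this major"
    fixed = PATCHED[major]
    # A pre-release of the fixed version (e.g. 17.5.2-rc.1) sorts before it.
    if parsed < fixed or (parsed == fixed and m.group(4)):
        return "vulnerable: upgrade to " + ".".join(map(str, fixed))
    return "patched"

def triage_fleet(inventory: dict[str, str]) -> dict[str, str]:
    """Map host -> verdict, keeping only hosts that need attention."""
    results = {host: triage(ver) for host, ver in inventory.items()}
    return {h: r for h, r in results.items() if r != "patched"}

# Constructed sample inventory (hostnames and versions are made up).
SAMPLE = {
    "bastion-1": "17.5.2",
    "db-proxy": "v16.5.11",
    "legacy-ssh": "11.3.20",
    "edge-7": "14.4.1-rc.1",
    "build-3": "13.4.27",
    "unknown": "dev-build",
}

if __name__ == "__main__":
    for host, verdict in triage_fleet(SAMPLE).items():
        print(f"{host}: {verdict}")
```

The upgrade target is always the fix within the agent's own major version, matching the guidance to stay on the cluster's major version.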