Critical Teleport Vulnerability Allows Remote Authentication Bypass
gbhackers
A critical security vulnerability, tracked as CVE-2025-49825, has been discovered in Teleport, a widely used open-source platform for secure access to servers, cloud applications, and infrastructure.
This flaw enables remote attackers to bypass authentication controls, potentially granting unauthorized access to sensitive systems managed by Teleport.
The Vulnerability
The vulnerability affects Teleport Community Edition versions up to 17.5.1, as well as earlier major releases.
Both self-hosted and cloud deployments are impacted, particularly those running Teleport SSH agents, OpenSSH-integrated deployments, and Teleport Git proxy setups.
The issue, assigned a CVSS score of 9.8 (critical), allows remote attackers to bypass SSH authentication, effectively circumventing standard security measures and gaining unauthorized access to systems.
| Field | Details |
| CVE ID | CVE-2025-49825 |
| Severity | Critical (CVSS 9.8) |
| Affected Versions | < 17.5.2, < 16.5.12, < 15.5.3, < 14.4.1, < 13.4 ... |
Copyright of this story solely belongs to gbhackers . To see the full text click HERE