CVE-2025-1416
21.05.2025, 13:16
In Proget MDM, a low-privileged user can retrieve passwords for managed devices and subsequentlyuse functionalities restricted by the MDM (Mobile Device Management). For it to happen, they must know the UUIDs of targetted devices, which might be obtained by exploitingCVE-2025-1415 orCVE-2025-1417. This issue has been fixed in2.17.5 version ofKonsola Proget (server part of the MDM suite).Enginsight
Awaiting analysis
This vulnerability is currently awaiting analysis.