PT-2025-25604 · Teleport · Teleport
Published 2025-06-16 · Updated 2025-10-31 · CVE-2025-49825
CVSS v2.0: 10 (Critical)
Base vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions
Teleport versions prior to 17.5.2
Teleport versions 16.0.0 through 16.5.11
Teleport versions 15.0.0 through 15.5.2
Teleport versions 14.0.0 through 14.4.0
Teleport versions 13.0.0 through 13.4.26
Teleport versions 12.0.0 through 12.4.34
Teleport versions 0.0.11 through 12.4.34
Description
Teleport is susceptible to a remote authentication bypass that lets attackers bypass SSH authentication entirely and potentially gain unauthorized access to systems. The issue affects Teleport agents and proxy servers, and impacts systems running Teleport SSH agents, integrated OpenSSH deployments, and Teleport Git proxy server configurations. It has a CVSS score of 9.8 (Critical). While the vulnerability has not been actively exploited, all nodes should be updated to a patched version of Teleport.
Recommendations
Upgrade to Teleport version 17.5.2.
Upgrade to Teleport version 16.5.12.
Upgrade to Teleport version 15.5.3.
Upgrade to Teleport version 14.4.1.
Upgrade to Teleport version 13.4.27.
Upgrade to Teleport version 12.4.35.
Fix
Incorrect Authorization
Weakness Enumeration
Related Identifiers
BDU:2025-14380
CVE-2025-49825
GHSA-8CQV-PJ7F-PWPC
GO-2025-3763
Affected Products
Teleport
References
- https://bdu.fstec.ru/vul/2025-14380 · Security Note
- https://osv.dev/vulnerability/GHSA-8cqv-pj7f-pwpc · Vendor Advisory
- https://nvd.nist.gov/vuln/detail/CVE-2025-49825 · Security Note
- https://osv.dev/vulnerability/GO-2025-3763 · Vendor Advisory
- https://osv.dev/vulnerability/CVE-2025-49825 · Vendor Advisory
- https://github.com/gravitational/teleport/security/advisories/GHSA-8cqv-pj7f-pwpc · Note
- https://github.com/gravitational/teleport · Note
- https://reddit.com/r/cybersecurity/comments/1ldt42b/critical_teleport_auth_bypass_cve202549825_some · Reddit Post
- https://twitter.com/CVEnew/status/1935099022043435148 · Twitter Post
- https://goteleport.com/docs/changelog/#1753-063025 · Note
- https://goteleport.com/docs/ver/17.x/changelog/#1753-063025 · Note
- https://t.me/latest_high_impact_cve/2700 · Telegram Post
- https://t.me/cvenotify/126033 · Telegram Post
- https://twitter.com/pdnuclei_bot/status/1970986636721668343 · Twitter Post
- https://twitter.com/TweetThreatNews/status/1937161892398596286 · Twitter Post