CVE-2025-49825

Name of the Vulnerable Software and Affected Versions Teleport versions prior to 17.5.2 Teleport versions 17.0.0 through 17.5.1 Teleport versions 16.0.0 through 16.5.11 Teleport versions 15.0.0 through 15.5.2 Teleport versions 14.0.0 through 14.4.0 Teleport versions 13.0.0 through 13.4.26 Teleport versions 12.4.34 and earlier

Description Teleport provides connectivity, authentication, access controls, and audit for infrastructure. A critical vulnerability allows remote attackers to bypass SSH authentication, potentially gaining unauthorized access to systems. The vulnerability affects Teleport Proxy and agent versions. While Teleport Cloud Infrastructure and CI/CD build systems are not affected, self-hosted agents require immediate patching. There is currently no evidence of exploitation in real-world scenarios.

Recommendations Upgrade to Teleport version 17.5.2 or later. Upgrade to Teleport version 16.5.12 or later. Upgrade to Teleport version 15.5.3 or later. Upgrade to Teleport version 14.4.1 or later. Upgrade to Teleport version 13.4.27 or later. Upgrade to Teleport version 12.4.35 or later.