![[The AI Show Episode 154]: AI Answers: The Future of AI Agents at Work, Building an AI Roadmap, Choosing the Right Tools, & Responsible AI Use](https://www.marketingaiinstitute.com/hubfs/ep%20154%20cover.png)
![How to Create Your Own AI Toolkit with Taylor Radey [MAICON 2025 Speaker Series]](https://www.marketingaiinstitute.com/hubfs/MAICON-Speaker_Series-Taylor.png)
![[The AI Show Episode 153]: OpenAI Releases o3-Pro, Disney Sues Midjourney, Altman: “Gentle Singularity” Is Here, AI and Jobs & News Sites Getting Crushed by AI Search](https://www.marketingaiinstitute.com/hubfs/ep%20153%20cover.png)
![GrandChase tier list of the best characters available [June 2025]](https://media.pocketgamer.com/artwork/na-33057-1637756796/grandchase-ios-android-3rd-anniversary.jpg?#)
.jpg?#)
_marcos_alvarado_Alamy.jpg?width=1280&auto=webp&quality=80&disable=upscale#)
![Apple in Last-Minute Talks to Avoid More EU Fines Over App Store Rules [Report]](https://www.iclarified.com/images/news/97680/97680/97680-640.jpg)
![Apple Seeds tvOS 26 Beta 2 to Developers [Download]](https://www.iclarified.com/images/news/97691/97691/97691-640.jpg)
Critical Teleport Vulnerability Let Attackers Remotely Bypass Authentication Controls
A critical vulnerability, designated as CVE-2025-49825 that enables attackers to remotely bypass authentication controls in Teleport, a popular secure access platform. The vulnerability affects multiple versions of Teleport infrastructure, prompting immediate security updates across all deployment environments. Cloud customers have received automatic updates to their control plane versions, while organizations managing their own agents must […] The post Critical Teleport Vulnerability Let Attackers Remotely Bypass Authentication Controls appeared first on Cyber Security News.
Summary
1. CVE-2025-49825 allows attackers to remotely bypass Teleport's authentication controls, affecting multiple versions of the secure access platform.
2. Teleport has issued security updates for versions 17.5.2, 16.5.12, 15.5.3, 14.4.1, 13.4.27, and 12.4.35, with Cloud customers receiving automatic control plane updates.
3. Organizations must manually update all self-managed Teleport agents using tctl inventory commands to identify vulnerable instances, then upgrade via package managers or enroll in Managed Updates v2.A critical vulnerability, designated as CVE-2025-49825 that enables attackers to remotely bypass authentication controls in Teleport, a popular secure access platform.
The vulnerability affects multiple versions of Teleport infrastructure, prompting immediate security updates across all deployment environments.
Cloud customers have received automatic updates to their control plane versions, while organizations managing their own agents must take immediate action to prevent potential security breaches.
Critical Authentication Bypass Vulnerability
The critical security flaw, tracked as CVE-2025-49825, represents a significant threat to Teleport deployments worldwide.
Security researchers discovered that the vulnerability allows malicious actors to circumvent authentication mechanisms remotely, potentially gaining unauthorized access to sensitive infrastructure and systems.
Teleport has responded by releasing patched versions across multiple major releases, including versions 17.5.2, 16.5.12, 15.5.3, 14.4.1, 13.4.27, and 12.4.35.
For Teleport Cloud customers, the control plane infrastructure received automated security updates.
Organizations utilizing Managed Updates v2 benefited from automatic agent updates during their designated maintenance windows on June 9, 2025.
However, environments without automated management require immediate manual intervention to achieve full vulnerability mitigation.
Risk Factors Details Affected Products – Teleport versions prior to 17.5.2, 16.5.12, 15.5.3, 14.4.1, 13.4.27, and 12.4.35- Teleport Cloud instances with unpatched agents- Self-managed Teleport environments without Managed Updates v2- Kubernetes deployments utilizing Teleport ssh_service Impact Authentication bypass Exploit Prerequisites – Network access to vulnerable Teleport instances- Targeting unpatched Teleport versions- Access attempt against authentication controls- Ability to reach Teleport service endpoints CVSS 3.1 Score 9.8 (Critical)
Agent Updates
Organizations must prioritize updating all Teleport agents running on their infrastructure to eliminate security risks.
The most efficient approach involves fully enrolling in Managed Updates v2, which provides automated patch management capabilities.
System administrators can identify vulnerable agents using specific tctl inventory commands tailored to different version ranges:
Once identified, agents must be upgraded to the latest patch release matching the cluster version using traditional package managers like apt or yum.
Following successful upgrades, administrators should enroll all agents by executing sudo teleport-update enable, which transitions management away from traditional package managers.
Organizations may encounter locked agents during the vulnerability response process. Vulnerable agents are automatically locked as a protective measure, requiring updates before lock removal.
The tctl alerts ack –ttl 48h command can temporarily suppress vulnerability banners for user experience management while updates are completed.
Kubernetes environments require special consideration, as agents should utilize the teleport-kube-agent updater instead of standard teleport-update mechanisms. This updater maintains compatibility with both Managed Updates V1 and V2 systems.
Unpatched Kubernetes agents remain vulnerable when providing SSH access through Teleport’s ssh_service functionality, emphasizing the critical nature of immediate updates across all deployment scenarios.
Are you from SOC/DFIR Teams! - Interact with malware in the sandbox and find related IOCs. - Request 14-day free trial
The post Critical Teleport Vulnerability Let Attackers Remotely Bypass Authentication Controls appeared first on Cyber Security News.
