CVE-2025-1418

Vulnerability Description

A low-privileged user can access information about profiles created in Proget MDM (Mobile Device Management), which contain details about allowed/prohibited functions. The profiles do not reveal any sensitive information (including their usage in connected devices). This issue has been fixed in 2.17.5 version of Konsola Proget (server part of the MDM suite).

Related Weaknesses (CWE)

CWE-863

References

https://cert.pl/en/posts/2025/05/CVE-2025-1415
https://proget.pl/en/mobile-device-management/

FAQ

What is CVE-2025-1418?

CVE-2025-1418 is a documented vulnerability. A low-privileged user can access information about profiles created in Proget MDM (Mobile Device Management), which contain details about allowed/prohibited functions. The profiles do not reveal any s...

How severe is CVE-2025-1418?

CVSS scoring is not yet available for CVE-2025-1418. Check NVD for updates.

Is there a patch for CVE-2025-1418?

Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.