CVE-2025-59480 is a medium-severity vulnerability affecting Mattermost Mobile Apps versions 0 through 2.32.0. This flaw stems from inadequate verification of Single Sign-On (SSO) redirect tokens, allowing attackers to potentially intercept and exploit these tokens to gain unauthorized access to user accounts. The vulnerability has been resolved in version 2.33.0, and users are strongly advised to upgrade to mitigate the risk.
The primary impact of CVE-2025-59480 is the potential for unauthorized access to user accounts within Mattermost. An attacker controlling a malicious Mattermost instance or positioned as an on-path attacker can craft a malicious token-in-URL response. When a user authenticates through SSO, the redirect token, which is intended to securely pass authentication information, is not properly validated. This allows the attacker to impersonate the user and gain access to their data and communication history. The blast radius extends to all users relying on SSO for authentication within the affected Mattermost Mobile Apps.
CVE-2025-59480 was publicly disclosed on 2025-11-13. There is currently no indication of active exploitation campaigns targeting this vulnerability. The EPSS score is pending evaluation. No public proof-of-concept (PoC) code has been released at the time of this writing, but the vulnerability's nature makes it likely that a PoC will emerge.
Organizations heavily reliant on SSO for Mattermost authentication are particularly at risk. Users on shared devices or those who frequently authenticate from untrusted networks are also more vulnerable. Legacy Mattermost deployments using older SSO providers or custom integrations may be at higher risk due to potential configuration issues.
• mattermost / mobile:

```powershell
# Compare as [version], not as strings: as a string, '2.4.0' sorts after '2.32.0' and would be missed
Get-MobileAppVersion | Where-Object { [version]$_.Version -le [version]'2.32.0' }
```

• generic web:

```shell
curl -I https://your-mattermost-instance/ | grep -i 'redirect_uri'
```

• generic web: Examine Mattermost server logs for unusual SSO redirect URLs or patterns.
• Disclosure
• Exploitation status
• EPSS: 0.03% (8th percentile)
• CISA SSVC
• CVSS vector
The primary mitigation for CVE-2025-59480 is to immediately upgrade Mattermost Mobile Apps to version 2.33.0 or later. If upgrading is not immediately feasible, consider implementing temporary workarounds such as restricting access to Mattermost from untrusted networks or implementing stricter SSO configuration policies. Monitor network traffic for suspicious redirect URLs and consider using a Web Application Firewall (WAF) to filter out malicious requests. After upgrading, verify the fix by attempting an SSO login and confirming that the redirect token is properly validated.
Update the Mattermost mobile app to a version newer than 2.32.0. This fixes the insufficient validation of SSO redirect credentials and prevents credential leakage. Download the latest version from the corresponding app store.
CVE-2025-59480 is a medium-severity vulnerability in Mattermost Mobile Apps (versions 0–2.32.0) where redirect tokens used for SSO authentication are not properly validated, allowing attackers to potentially steal user session credentials.
If you are using Mattermost Mobile Apps version 0 through 2.32.0, you are potentially affected by this vulnerability. Upgrade to version 2.33.0 or later to mitigate the risk.
The recommended fix is to upgrade Mattermost Mobile Apps to version 2.33.0 or later. If immediate upgrade is not possible, consider temporary workarounds like restricting access from untrusted networks.
There is currently no confirmed evidence of active exploitation of CVE-2025-59480, but the vulnerability's nature makes it a potential target.
Refer to the official Mattermost security advisory for detailed information and updates regarding CVE-2025-59480: [https://mattermost.com/security/advisories](https://mattermost.com/security/advisories)