CVE-2025-69416 | Plex plex.tv backend up to 2025-12-31 Device Token devices.xml authorization

A vulnerability was found in Plex plex.tv backend up to 2025-12-31 and classified as problematic. The impacted element is an unknown function of the file clients.plex.tv/devices.xml of the component Device Token Handler. Such manipulation leads to incorrect authorization.

This vulnerability is traded as CVE-2025-69416. The attack may be launched remotely. There is no exploit available.

This product is a managed service. This means that users are not able to maintain vulnerability countermeasures themselves.VulDB Recent EntriesRead More