Critical vulnerabilities have been disclosed in leading zero trust platforms including Zscaler, Netskope, and Check Point, which could allow attackers to bypass authentication and escalate privileges. Immediate mitigation is essential as proof-of-concept attacks are likely, with Zscaler releasing a patch for its flaw. #ZscalerCVEs #NetskopeVulnerabilities
Keypoints
- The vulnerabilities include critical flaws like authentication bypasses and privilege escalations.
- Zscalerβs most severe issue, CVE-2025-54982, involves cryptographic signature verification bypass in SAML authentication.
- Netskope suffers from client-side vulnerabilities that allow unauthorized enrollment and user impersonation.
- Check Pointβs Perimeter 81 platform has a hardcoded SFTP credential flaw leading to unauthorized access.
- Timely patching and credential rotation are crucial as no confirmed exploits have been observed in the wild yet.
Read More: https://fortiguard.fortinet.com/threat-signal-report/6184