A critical vulnerability in the Samlify library allows attackers to impersonate admin users by injecting malicious assertions into signed SAML responses, leading to significant authentication bypass risks. Although no active exploitation has been reported, users are advised to update to version 2.10.0 to protect their systems. #Samlify #CVEModule #SAMLAuthentication
Key points
- A critical flaw (CVE-2025-47949) in Samlify affects all versions prior to 2.10.0, enabling impersonation attacks.
- The vulnerability stems from flawed XML parsing that lets an attacker inject a malicious assertion into a signed SAML response while the existing signature still appears valid.
- Attackers can exploit the flaw with access to a valid signed XML blob, requiring no additional user interaction.
- Successful exploitation allows privilege escalation and remote login as administrators, posing major security risks.
- Upgrading to Samlify version 2.10.0 is recommended to mitigate the vulnerability and secure affected environments.
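The key points above describe an assertion being injected into a response whose signature still verifies, with the parser then reading the injected assertion instead of the signed one. The following is an added example, not code from Samlify or from the advisory, written in Python with the standard-library XML parser so it runs offline. It assumes the cryptographic check of the signature has already been performed by the SAML library; what it shows is the binding step a relying party must add afterwards: resolve the signature's Reference URI yourself, require that the referenced element is the one and only Assertion in the Response, and read the subject only from that element. The two SAML responses and the signature value are constructed placeholders, and the function names are hypothetical.

```python
import xml.etree.ElementTree as ET

NS_SAMLP = "urn:oasis:names:tc:SAML:2.0:protocol"
NS_SAML = "urn:oasis:names:tc:SAML:2.0:assertion"
NS_DS = "http://www.w3.org/2000/09/xmldsig#"
SAMLP, SAML, DS = "{%s}" % NS_SAMLP, "{%s}" % NS_SAML, "{%s}" % NS_DS

XMLNS = f'xmlns:samlp="{NS_SAMLP}" xmlns:saml="{NS_SAML}" xmlns:ds="{NS_DS}"'

# Constructed sample of a legitimate IdP response: one Assertion, signed by an
# enveloped ds:Signature whose Reference points at the Assertion's own ID.
LEGIT_RESPONSE = f"""<samlp:Response {XMLNS} ID="_r1">
  <saml:Assertion ID="_a1">
    <ds:Signature>
      <ds:SignedInfo><ds:Reference URI="#_a1"/></ds:SignedInfo>
      <ds:SignatureValue>PLACEHOLDER</ds:SignatureValue>
    </ds:Signature>
    <saml:Subject><saml:NameID>alice</saml:NameID></saml:Subject>
  </saml:Assertion>
</samlp:Response>"""

# Constructed sample of the failure mode: the signed Assertion is untouched (so
# the signature still verifies) but has been moved under Extensions, and an
# unsigned Assertion naming "admin" has been placed where a lenient parser looks first.
WRAPPED_RESPONSE = f"""<samlp:Response {XMLNS} ID="_r1">
  <saml:Assertion ID="_evil">
    <saml:Subject><saml:NameID>admin</saml:NameID></saml:Subject>
  </saml:Assertion>
  <samlp:Extensions>
    <saml:Assertion ID="_a1">
      <ds:Signature>
        <ds:SignedInfo><ds:Reference URI="#_a1"/></ds:SignedInfo>
        <ds:SignatureValue>PLACEHOLDER</ds:SignatureValue>
      </ds:Signature>
      <saml:Subject><saml:NameID>alice</saml:NameID></saml:Subject>
    </saml:Assertion>
  </samlp:Extensions>
</samlp:Response>"""


def naive_subject(xml_text: str) -> str:
    """Lenient behaviour: trust the first Assertion found anywhere in the document."""
    root = ET.fromstring(xml_text)
    assertion = next(root.iter(f"{SAML}Assertion"))
    return assertion.find(f"{SAML}Subject/{SAML}NameID").text


def signed_subject(xml_text: str) -> str:
    """Hardened behaviour: read the subject only from the element the signature covers.

    Raises ValueError for any structural mismatch. Assumes the signature's
    cryptographic validity was already checked by the SAML library.
    """
    root = ET.fromstring(xml_text)
    if root.tag != f"{SAMLP}Response":
        raise ValueError("root element is not a samlp:Response")

    signatures = list(root.iter(f"{DS}Signature"))
    if len(signatures) != 1:
        raise ValueError("expected exactly one ds:Signature")
    signature = signatures[0]

    reference = signature.find(f"{DS}SignedInfo/{DS}Reference")
    uri = reference.get("URI", "") if reference is not None else ""
    if not uri.startswith("#") or len(uri) < 2:
        raise ValueError("signature Reference must be a same-document ID reference")

    # Resolve the ID ourselves and insist it is unique in the whole document.
    matches = [el for el in root.iter() if el.get("ID") == uri[1:]]
    if len(matches) != 1:
        raise ValueError("referenced ID is missing or not unique")
    signed = matches[0]

    if signed.tag != f"{SAML}Assertion":
        raise ValueError("signature does not cover a saml:Assertion")
    if signed not in list(root):
        raise ValueError("signed Assertion is not a direct child of the Response")
    if signed.find(f"{DS}Signature") is not signature:
        raise ValueError("signature is not enveloped in the Assertion it references")

    # Any additional Assertion is by construction unsigned: reject the whole response.
    if len(list(root.iter(f"{SAML}Assertion"))) != 1:
        raise ValueError("unsigned Assertion present alongside the signed one")

    return signed.find(f"{SAML}Subject/{SAML}NameID").text


def evaluate(xml_text: str) -> dict:
    """Convenience wrapper returning the hardened decision as data."""
    try:
        return {"accepted": True, "subject": signed_subject(xml_text), "reason": None}
    except ValueError as exc:
        return {"accepted": False, "subject": None, "reason": str(exc)}


if __name__ == "__main__":
    print("naive, legit   :", naive_subject(LEGIT_RESPONSE))
    print("naive, wrapped :", naive_subject(WRAPPED_RESPONSE))
    print("hardened, legit:", evaluate(LEGIT_RESPONSE))
    print("hardened, wrap :", evaluate(WRAPPED_RESPONSE))
```

Running the script shows the lenient path returning "admin" for the wrapped response while the hardened path rejects it; the point is that signature validity alone says nothing about which element the application later reads, so the ID resolution and the single-assertion rule have to be enforced on the relying-party side. Upgrading to the fixed Samlify release remains the actual remediation for the library itself.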