Securden Unified PAM Authentication Bypass
Platform: other
Component: securden-unified-pam
Fixed in: 11.3.2
CVE-2025-53118 describes a critical authentication bypass vulnerability affecting Securden Unified PAM versions 9.0.0 through 11.3.1. This flaw allows an unauthenticated attacker to gain control over administrator backup functions, leading to the potential exposure of sensitive data. The vulnerability has been resolved in version 11.3.2, and users are strongly advised to upgrade immediately.
Impact and Attack Scenarios
The impact of this vulnerability is severe. An attacker exploiting CVE-2025-53118 can bypass authentication and directly manipulate administrator backup processes within Securden Unified PAM. This allows them to access and exfiltrate sensitive information, including stored passwords, secrets, and application session tokens. Successful exploitation could lead to complete compromise of the system and the applications relying on Unified PAM for authentication. The ability to control backup functions also provides a pathway for data destruction or modification, significantly expanding the potential damage.
Exploitation Context
CVE-2025-53118 was publicly disclosed on 2025-08-25. The CVSS score of 9.8 measures severity, not likelihood; the likelihood signal is EPSS, which currently rates this CVE at 27.98% (96th percentile). As of this writing no public proof-of-concept (PoC) code has been released, but the low attack complexity and the absence of any authentication requirement mean a PoC could appear quickly. The CVE is not currently listed in the CISA KEV catalog, but its critical severity and high EPSS percentile warrant close monitoring.
Who Is at Risk
Any organization running an affected release of Securden Unified PAM (9.0.0 through 11.3.1) is at risk, and because the product vaults credentials and session tokens on behalf of other systems, a compromise extends to everything it protects. Exposure is greatest where the Unified PAM web interface is reachable from untrusted networks or the internet: the attack vector is network, no credentials are required, and no user interaction is needed, so an attacker needs nothing more than a route to the server.
Attack Timeline
- Disclosure: 2025-08-25
Threat Analysis
Exploit Status
EPSS: 27.98% (96th percentile)
CISA SSVC
CVSS Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
What do these metrics mean?
- Attack Vector
- Network: exploitable remotely over the internet. No physical or local access required.
- Attack Complexity
- Low: no special conditions required. Reliably exploitable.
- Privileges Required
- None: exploitable without authentication. No credentials required.
- User Interaction
- None: the attack is automatic and silent. The victim does nothing.
- Scope
- Unchanged: impact confined to the vulnerable component.
- Confidentiality
- High: total loss of confidentiality. The attacker can read all data.
- Integrity
- High: the attacker can write, modify or delete arbitrary data.
- Availability
- High: complete crash or resource exhaustion. Total denial of service.
Affected Software
Securden Unified PAM 9.0.0 through 11.3.1
Vulnerability Classification (CWE)
Timeline
- Reserved
- Published
- EPSS updated
Mitigation and Workarounds
The primary mitigation for CVE-2025-53118 is to upgrade Securden Unified PAM to version 11.3.2 or later. If an immediate upgrade is not feasible, reduce exposure in the meantime: restrict network access to the Unified PAM web interface to the administrators and systems that need it, enforce that with firewall rules on inbound connections, and review logs for backup operations that are not tied to an authenticated administrator session. These measures do not remove the flaw, but they shrink the attack surface and can surface exploitation attempts. After upgrading, confirm the fix by requesting a backup function without authentication and verifying that the request is denied.
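Two of the steps above, checking whether a deployed version falls in the affected range and reviewing logs for backup activity with no authenticated session, lend themselves to a small script. The following is an added example and not Securden's code: the version comparison uses only the range the page states (9.0.0 through 11.3.1, fixed in 11.3.2), while the access-log format and the sample lines are constructed for illustration, because the page does not document Securden's real log format or its backup endpoint paths. Adapt the regular expression to whatever your server actually writes.

```python
"""Added example: affected-version check and log triage for CVE-2025-53118."""
import re
from dataclasses import dataclass

AFFECTED_MIN = (9, 0, 0)   # first affected release named on the page
FIXED_IN = (11, 3, 2)      # first fixed release named on the page


def parse_version(s: str) -> tuple:
    """'11.3.1' -> (11, 3, 1); short forms like '11.3' are padded with zeros."""
    parts = s.strip().split(".")
    if not parts or len(parts) > 3 or not all(p.isdigit() for p in parts):
        raise ValueError(f"not a dotted numeric version: {s!r}")
    nums = [int(p) for p in parts] + [0] * (3 - len(parts))
    return nums[0], nums[1], nums[2]


def is_affected(version: str) -> bool:
    """True for 9.0.0 <= version < 11.3.2, i.e. the range 9.0.0 through 11.3.1."""
    return AFFECTED_MIN <= parse_version(version) < FIXED_IN


# Constructed (hypothetical) access-log layout, one request per line:
#   <timestamp> <client-ip> <method> <path> <status> user=<name or - if no session>
LOG_RE = re.compile(
    r"^(?P<ts>\S+) (?P<ip>\S+) (?P<method>[A-Z]+) (?P<path>\S+) "
    r"(?P<status>\d{3}) user=(?P<user>\S+)$"
)


@dataclass(frozen=True)
class Finding:
    ts: str
    ip: str
    path: str
    status: int
    reason: str


def triage_backup_access(lines):
    """Flag requests to backup-related paths that carry no authenticated user.

    A 2xx answer to such a request is the signature of the bypass itself;
    a 4xx answer is still recorded as an unauthenticated probe worth a look.
    """
    findings = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # line does not match the assumed layout; skip it
        if "backup" not in m["path"].lower() or m["user"] != "-":
            continue  # not a backup function, or an authenticated session
        status = int(m["status"])
        if 200 <= status < 300:
            reason = "backup function served to unauthenticated client (likely bypass)"
        else:
            reason = "unauthenticated probe of backup function (denied)"
        findings.append(Finding(m["ts"], m["ip"], m["path"], status, reason))
    return findings


def fix_holds(lines) -> bool:
    """Post-upgrade check: True only if no unauthenticated backup request succeeded."""
    return not any(200 <= f.status < 300 for f in triage_backup_access(lines))


# Constructed sample log lines (not real Securden output).
SAMPLE_LOG = """\
2025-08-26T10:01:02Z 10.0.0.5 GET /login 200 user=-
2025-08-26T10:01:40Z 10.0.0.5 POST /admin/backup/export 200 user=-
2025-08-26T10:02:10Z 10.0.0.7 POST /admin/backup/export 200 user=alice
2025-08-26T10:03:55Z 198.51.100.23 GET /admin/backup/download 401 user=-
""".splitlines()

if __name__ == "__main__":
    for v in ("8.9.9", "9.0.0", "11.3.1", "11.3.2"):
        print(v, "affected" if is_affected(v) else "not affected")
    for f in triage_backup_access(SAMPLE_LOG):
        print(f)
    print("fix holds:", fix_holds(SAMPLE_LOG))
```

On the constructed sample the second line (a 200 to an unauthenticated POST against a backup path) is reported as a likely bypass and the fourth as a denied probe; the authenticated export by alice is ignored. After the upgrade, run your own unauthenticated request against the backup function, feed the resulting log lines to fix_holds, and expect True: the only findings should be denied probes.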
How to Fix
Upgrade Securden Unified PAM to a version later than 11.3.1 (that is, 11.3.2 or later) to correct the authentication bypass. This prevents unauthenticated attackers from reaching administrator backup functions and compromising passwords, secrets and application session tokens.
Frequently Asked Questions
What is CVE-2025-53118 — Authentication Bypass in Securden Unified PAM?
CVE-2025-53118 is a critical vulnerability in Securden Unified PAM versions 9.0.0–11.3.1 that allows an unauthenticated attacker to bypass authentication and control administrator backup functions, potentially compromising sensitive data.
Am I affected by CVE-2025-53118 in Securden Unified PAM?
If you are running Securden Unified PAM versions 9.0.0 through 11.3.1, you are potentially affected by this vulnerability. Upgrade to version 11.3.2 or later to mitigate the risk.
How do I fix CVE-2025-53118 in Securden Unified PAM?
The recommended fix is to upgrade Securden Unified PAM to version 11.3.2 or later. If immediate upgrade is not possible, implement temporary workarounds like restricting network access and monitoring system logs.
Is CVE-2025-53118 being actively exploited?
No public proof-of-concept code has been released and the CVE is not listed in the CISA KEV catalog, so there is no confirmed in-the-wild exploitation as of this writing. EPSS nonetheless puts the probability of exploitation at 27.98% (96th percentile), and the attack needs neither credentials nor user interaction. Monitor your systems closely.
Where can I find the official Securden advisory for CVE-2025-53118?
Please refer to the Securden website and security advisories for the official announcement and detailed information regarding CVE-2025-53118.