Platform
other
Component
kiuwan
Fixed in
2.8.2510
CVE-2026-24069 is an authorization bypass in Kiuwan SAST, a static application security testing tool. User accounts that have been disabled but still carry a Single Sign-On (SSO) mapping can sidestep the disabled state and continue to sign in to the application through SSO. Both Kiuwan Cloud and on-premise installations (KOP) before version 2.8.2509.4 are affected; the fix ships in version 2.8.2509.4.
The primary impact of CVE-2026-24069 is unauthorized access to Kiuwan SAST. An account that was disabled but is still mapped to an SSO identity keeps the access it had before being disabled: it can sign in via SSO and view scanned code, project configurations, and potentially sensitive information about the organization's software development lifecycle. Lateral movement within the environment is unlikely, because the flaw is confined to the Kiuwan SAST application itself; the blast radius is the data and functionality reachable inside the Kiuwan SAST platform.
The vulnerability was published on 2026-04-14. No public proof-of-concept (PoC) code is available, and no active campaigns targeting this vulnerability are known at this time. Refer to the Kiuwan security advisory for further details and updates.
Organizations running Kiuwan SAST with SSO-based user authentication are at risk, including the development teams, security professionals, and DevOps engineers who use the tool for code analysis. The exposure concentrates on accounts that were offboarded by disabling them in Kiuwan while their SSO mapping, and the corresponding identity at the identity provider, were left in place.
disclosure
Exploit status
EPSS
0.01% (1st percentile)
The primary mitigation for CVE-2026-24069 is to upgrade Kiuwan SAST to version 2.8.2509.4 or later. If an immediate upgrade is not feasible, consider temporarily disabling the SSO functionality and relying on local authentication until the upgrade can be performed. Because the bypass applies to disabled accounts that still hold an SSO mapping, also list those accounts and remove or disable the corresponding users at the identity provider, so that no SSO assertion is issued for them in the first place. Monitor Kiuwan SAST logs for logins by accounts that are marked disabled and for other suspicious login attempts. After upgrading, confirm the fix by attempting an SSO login with a previously disabled, still-mapped account; the login should be denied.
Update Kiuwan SAST to version 2.8.2509.4 or later to fix the vulnerability. This update ensures that disabled user accounts can no longer access the application through SSO, strengthening the security of the system.
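The login path the description implies, and the audit check the mitigation calls for, as an added example. This is illustrative code written for this page, not Kiuwan's own code: the actual root cause inside Kiuwan is not published, and the user store, the assertion fields (`iss`, `sub`) and the sample accounts below are all constructed. It shows the vulnerable pattern (an SSO subject is resolved to a local account and a session is issued without checking the account's disabled state) next to the hardened form, plus the check that lists disabled accounts still carrying an SSO mapping.

```python
# Added illustration of the bug class behind CVE-2026-24069; not Kiuwan's code.
from dataclasses import dataclass
from typing import Callable, Dict, Iterable, List, Optional


@dataclass
class User:
    username: str
    enabled: bool                      # False once an administrator disables the account
    sso_subject: Optional[str] = None  # IdP subject mapped to this account, if any


@dataclass
class Session:
    username: str


class UserStore:
    """Minimal in-memory stand-in for the application's user directory (constructed)."""

    def __init__(self, users: Iterable[User]) -> None:
        self._users: List[User] = list(users)
        self._by_subject: Dict[str, User] = {
            u.sso_subject: u for u in self._users if u.sso_subject
        }

    def find_by_sso_subject(self, subject: str) -> Optional[User]:
        return self._by_subject.get(subject)

    def all_users(self) -> List[User]:
        return list(self._users)


def sso_login_vulnerable(store: UserStore, assertion: Dict[str, str]) -> Session:
    """Pattern that produces the described behaviour: the IdP subject is resolved to a
    local account and a session is issued whenever a mapping exists. The account's
    'enabled' flag is never consulted, so a disabled-but-still-mapped user gets in."""
    user = store.find_by_sso_subject(assertion["sub"])
    if user is None:
        raise PermissionError("login denied")
    return Session(user.username)


def sso_login_fixed(store: UserStore, assertion: Dict[str, str]) -> Session:
    """Hardened form: the disabled state is enforced on the SSO path as well."""
    user = store.find_by_sso_subject(assertion["sub"])
    if user is None or not user.enabled:
        # One error for both cases so the response does not reveal which subjects are mapped.
        raise PermissionError("login denied")
    return Session(user.username)


def login_outcome(login: Callable[[UserStore, Dict[str, str]], Session],
                  store: UserStore, assertion: Dict[str, str]) -> str:
    """Run a login handler and report 'session:<user>' or 'denied'."""
    try:
        return "session:" + login(store, assertion).username
    except PermissionError:
        return "denied"


def disabled_accounts_with_sso_mapping(store: UserStore) -> List[str]:
    """Audit check for the mitigation step: disabled accounts that still carry an SSO
    mapping are the ones the bypass applies to, and the ones to deprovision at the IdP."""
    return sorted(u.username for u in store.all_users()
                  if not u.enabled and u.sso_subject)


# Constructed sample directory and constructed IdP assertions (field names assumed).
STORE = UserStore([
    User("alice", enabled=True, sso_subject="idp|1001"),
    User("bob", enabled=False, sso_subject="idp|1002"),   # offboarded, mapping left behind
    User("carol", enabled=False),                          # disabled, no SSO mapping
])
ASSERTION_BOB = {"iss": "https://idp.example", "sub": "idp|1002"}
ASSERTION_ALICE = {"iss": "https://idp.example", "sub": "idp|1001"}

if __name__ == "__main__":
    print("vulnerable:", login_outcome(sso_login_vulnerable, STORE, ASSERTION_BOB))
    print("fixed:     ", login_outcome(sso_login_fixed, STORE, ASSERTION_BOB))
    print("audit:     ", disabled_accounts_with_sso_mapping(STORE))
```

The audit function is the list to work from when removing identities at the identity provider as a compensating control: an account that is disabled locally but still mapped is exactly the case the fixed handler now rejects, and `carol` (disabled, never mapped) is correctly left out of it.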
CVE-2026-24069 is a vulnerability in Kiuwan SAST that lets disabled, SSO-mapped user accounts sidestep their disabled state and access the application, potentially leading to unauthorized data access.
If you are using a Kiuwan SAST version from 1.0.0 up to, but not including, 2.8.2509.4, you are potentially affected. Check your current version and upgrade if necessary.
Upgrade Kiuwan SAST to version 2.8.2509.4 or later. As a temporary workaround, disable SSO authentication until the upgrade can be completed.
As of now, there are no confirmed reports of active exploitation. Note that exploiting it needs no public PoC: a disabled user who still has an SSO mapping, or anyone holding that user's identity-provider session, only has to attempt an SSO login.
Refer to the official Kiuwan security advisory for detailed information and updates regarding CVE-2026-24069.