AspNetCore रिमोट ऑथेंटिकेटर फॉर SPID SAML रिस्पॉन्स सिग्नेचर वेरिफिकेशन बाईपास की अनुमति देता है

The core of the vulnerability lies in the library's handling of SAML assertions, the data exchanged between the Identity Provider (IdP) and the Service Provider (SP) during authentication. An attacker can craft malicious SAML assertions, manipulating the identity information presented to the Service Provider. This manipulation could allow them to impersonate legitimate users, gain access to sensitive data, or escalate privileges within the system. The potential impact is significant, as successful exploitation could compromise the entire application relying on SPID.AspNetCore.Authentication for authentication. The SPID library acts as the Service Provider (SP) in the SAML2 flow, making it a critical point of attack.

Applications and services relying on SPID.AspNetCore.Authentication for authentication, particularly those handling sensitive data or critical functions, are at significant risk. Organizations using older, unpatched versions of the library, or those with custom authentication logic built on top of SPID.AspNetCore.Authentication, should prioritize remediation.

• .NET / ASP.NET Core:

Get-Package -Name SPID.AspNetCore.Authentication | Select-Object Version

• .NET / ASP.NET Core: Check for versions <= 3.3.0-prerelease in project files or NuGet package manager. • .NET / ASP.NET Core: Monitor application logs for unusual SAML assertion processing errors or authentication failures. • .NET / ASP.NET Core: Review code for any custom SAML assertion handling logic that might be vulnerable to manipulation.

1. 2025-02-18Disclosure

   disclosure

1. आरक्षित2025-01-27
2. प्रकाशित2025-02-18
3. EPSS अद्यतन2026-04-02

The primary mitigation for CVE-2025-24894 is to immediately upgrade to version 3.4.0 of SPID.AspNetCore.Authentication. If upgrading is not immediately feasible due to compatibility issues or breaking changes, consider implementing stricter validation of incoming SAML assertions at the Service Provider level. This might involve verifying the signature of the assertion, checking the issuer, and validating the attributes contained within the assertion. Web Application Firewalls (WAFs) configured to inspect SAML traffic can also provide a layer of defense by detecting and blocking malicious assertions. After upgrading, confirm the fix by attempting to authenticate with a test user and verifying that the application behaves as expected.