Claroty Secure Access OIDC authentication bypass (CVE-2025-54603)
Vulnerability
Summary
CVE-2025-54603 affects Claroty Secure Access deployments (versions 3.3.0 through 4.0.2, per the disclosure) that authenticate users through an on-premises OIDC provider. An incorrect OIDC authentication flow lets an attacker create unauthorized users, impersonate existing OIDC users and, from there, reach full administrative control. Because the bypass also sidesteps two-factor authentication, it directly widens the exposure of the OT remote-access environments these systems front. Claroty has released a fix; deployments that have not applied it remain at risk.
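As an added, generic illustration (this is not Claroty's code, and the page does not say which step its flawed flow got wrong): the checks a relying party must perform on an OIDC ID token before it maps the token to a local account. The issuer, client ID, signing key and all token claims below are constructed test values; tokens are HMAC-signed so the example runs offline, whereas a production relying party verifies RS256/ES256 signatures against the provider's published JWKS.

```python
"""Relying-party-side validation of an OpenID Connect ID token.

Added example, not vendor code. It pins the algorithm, verifies the
signature, and checks iss, aud, exp and nonce before trusting `sub`.
"""
import base64
import hashlib
import hmac
import json
import time

# Constructed fixtures (assumed values, not from any real deployment).
ISSUER = "https://idp.example.internal"
CLIENT_ID = "secure-access-rp"
KEY = b"shared-test-key"


def _b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def _b64url_decode(s: str) -> bytes:
    return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))


def mint_token(claims: dict, key: bytes = KEY, alg: str = "HS256") -> str:
    """Build a compact JWT; alg='none' emits an unsigned token for the negative test."""
    header = {"alg": alg, "typ": "JWT"}
    signing_input = _b64url(json.dumps(header).encode()) + "." + _b64url(json.dumps(claims).encode())
    if alg == "none":
        return signing_input + "."
    sig = hmac.new(key, signing_input.encode(), hashlib.sha256).digest()
    return signing_input + "." + _b64url(sig)


class TokenRejected(Exception):
    pass


def validate_id_token(token: str, expected_nonce: str, now=None, key: bytes = KEY) -> dict:
    """Return the claims only if every check passes; otherwise raise TokenRejected."""
    now = time.time() if now is None else now
    try:
        h64, p64, s64 = token.split(".")
        header = json.loads(_b64url_decode(h64))
        claims = json.loads(_b64url_decode(p64))
    except (ValueError, json.JSONDecodeError) as exc:
        raise TokenRejected(f"malformed token: {exc}")

    # 1. Pin the algorithm: the token must never choose it ('none', key confusion).
    if header.get("alg") != "HS256":
        raise TokenRejected("unexpected alg")
    expected = hmac.new(key, f"{h64}.{p64}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(expected, _b64url_decode(s64)):
        raise TokenRejected("bad signature")

    # 2. Issuer and audience must match this client's registration exactly.
    if claims.get("iss") != ISSUER:
        raise TokenRejected("wrong issuer")
    aud = claims.get("aud")
    aud = aud if isinstance(aud, list) else [aud]
    if CLIENT_ID not in aud:
        raise TokenRejected("token not issued for this client")

    # 3. Freshness and replay protection: exp in the future, nonce bound to this login.
    if not isinstance(claims.get("exp"), (int, float)) or claims["exp"] <= now:
        raise TokenRejected("expired")
    if claims.get("nonce") != expected_nonce:
        raise TokenRejected("nonce mismatch")

    # 4. Account lookup keys off iss+sub, never a mutable claim such as email.
    if not claims.get("sub"):
        raise TokenRejected("missing sub")
    return claims


def check(token: str, nonce: str, now: float) -> str:
    """Helper for the demo: collapse the outcome into one string."""
    try:
        return "accepted:" + validate_id_token(token, nonce, now)["sub"]
    except TokenRejected as exc:
        return "rejected:" + str(exc)


if __name__ == "__main__":
    t0 = 1_700_000_000
    good = {"iss": ISSUER, "aud": CLIENT_ID, "sub": "u-17", "exp": t0 + 300, "nonce": "n1"}
    print(check(mint_token(good), "n1", t0))
    print(check(mint_token(good, alg="none"), "n1", t0))
    print(check(mint_token(dict(good, aud="other-app")), "n1", t0))
    print(check(mint_token(good), "n2", t0))
```

Whatever the provider asserts, the relying party's own second factor belongs after the federated login completes, enforced by the application, not inferred from a token claim; that is general practice and not a statement about how the Claroty flow behaves.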
Related Happenings
N8n sandbox escape flaws (multiple vulnerabilities)
Vulnerability
First: 04.02.2026 15:00
Last: 04.02.2026 15:00
Sources: 1
About this happening:
Two **maximum-severity sandbox-escape flaws** in **n8n** expose **self-hosted and cloud instances** to **complete server takeover** and **credential theft**. An **authenticated us...
CISA KEV remediation deadline for SolarWinds WHD CVE-2025-40551
Public Sector Action
First: 04.02.2026 07:50
Last: 04.02.2026 07:50
Sources: 1
About this happening:
**CISA** added **CVE-2025-40551** in **SolarWinds Web Help Desk** to the **KEV catalog** and imposed **federal remediation deadlines**, turning a newly exploited flaw into a compl...
Timeline
30.10.2025 22:29 · 2 articles
CVE-2025-54603 lets attackers bypass OIDC authentication in Claroty Secure Access
Initial Disclosure: Limes Security found and reported CVE-2025-54603 to Claroty during a routine penetration test for a customer. The issue is an incorrect OpenID Connect (OIDC) authentication flow in Claroty Secure Access 3.3.0 through 4.0.2 that can be used to create unauthorized users, impersonate existing OIDC users, bypass two-factor authentication, and reach full admin control on affected Claroty Secure Remote Access (SRA) deployments. Claroty has patched the flaw. Disabling OIDC alone is not sufficient; deploying the vendor fix is required.
- Claroty Patches Authentication Bypass Flaw — www.darkreading.com — 30.10.2025 22:29