Claroty Secure Remote Access OIDC authentication bypass patch release (CVE-2025-54603)
Security Patch Release
Summary
Hide ▲
Show ▼
Claroty patched CVE-2025-54603 in Secure Remote Access (SRA), closing an OIDC authentication bypass that could create unauthorized users, impersonate existing users, and lead to full admin control in affected deployments.
Related Happenings
SimpleHelp security update for CVE-2026-48558
Security Patch Release
H score65
First: 15.06.2026 23:06
Last: 15.06.2026 23:06
Sources 1
About this happening:
**SimpleHelp** released **5.5.16** and **6.0 RC2** on **June 9** to fix **CVE-2026-48558**, a critical **OIDC** authentication flaw in **SimpleHelp remote management software** th...
SimpleHelp security update for CVE-2026-48558
Security Patch ReleaseAbout this happening: **SimpleHelp** released **5.5.16** and **6.0 RC2** on **June 9** to fix **CVE-2026-48558**, a critical **OIDC** authentication flaw in **SimpleHelp remote management software** th...
TrendAI Trend Micro’s enterprise business security patch release for CVE-2026-34926
Security Patch Release
H score45
First: 22.05.2026 11:19
Last: 22.05.2026 11:19
Sources 1
About this happening:
**TrendAI** released **Apex One** security updates after confirming a **zero-day** had been **exploited in the wild**, leaving **on-premises installations** at risk until patched....
TrendAI Trend Micro’s enterprise business security patch release for CVE-2026-34926
Security Patch ReleaseAbout this happening: **TrendAI** released **Apex One** security updates after confirming a **zero-day** had been **exploited in the wild**, leaving **on-premises installations** at risk until patched....
Ivanti security patch release for CVE-2026-8043
Security Patch Release
H score25
First: 18.05.2026 13:54
Last: 18.05.2026 13:54
Sources 1
About this happening:
**Ivanti, Fortinet, SAP, Broadcom, and n8n** released **security fixes** on **2026-05-18** for flaws that could enable **authentication bypass**, **remote code execution**, **SQL...
Ivanti security patch release for CVE-2026-8043
Security Patch ReleaseAbout this happening: **Ivanti, Fortinet, SAP, Broadcom, and n8n** released **security fixes** on **2026-05-18** for flaws that could enable **authentication bypass**, **remote code execution**, **SQL...
Cisco security patch release for CVE-2026-20184
Security Patch Release
H score44
First: 16.04.2026 14:27
Last: 16.04.2026 14:27
Sources 1
About this happening:
**Cisco** released patches for **four critical flaws** affecting **Identity Services Engine (ISE)**, **ISE-PIC**, and **Webex Services**, closing paths to **arbitrary code executi...
Cisco security patch release for CVE-2026-20184
Security Patch ReleaseAbout this happening: **Cisco** released patches for **four critical flaws** affecting **Identity Services Engine (ISE)**, **ISE-PIC**, and **Webex Services**, closing paths to **arbitrary code executi...
ConnectWise security patch release for CVE-2026-3564
Security Patch Release
H score29
First: 18.03.2026 20:10
Last: 18.03.2026 20:10
Sources 1
About this happening:
ConnectWise released **ScreenConnect 26.1** to harden **machine key** handling after disclosing **CVE-2026-3564**, a flaw that can enable **unauthorized access** and **privilege e...
ConnectWise security patch release for CVE-2026-3564
Security Patch ReleaseAbout this happening: ConnectWise released **ScreenConnect 26.1** to harden **machine key** handling after disclosing **CVE-2026-3564**, a flaw that can enable **unauthorized access** and **privilege e...
Timeline
-
30.10.2025 22:29 2 articles · 8mo ago
Claroty patches CVE-2025-54603 in Secure Remote Access
Mitigation Patch UpdateClaroty patched CVE-2025-54603 in Secure Remote Access (SRA), fixing an incorrect OpenID Connect (OIDC) authentication flow in Claroty Secure Access 3.3.0 through 4.0.2 that could allow unauthorized user creation, impersonation of existing OIDC users, bypass of two-factor authentication, and full admin control.
Show sources
- Claroty Patches Authentication Bypass Flaw — www.darkreading.com — 30.10.2025 22:29
- Claroty Patches Authentication Bypass Flaw — www.darkreading.com — 30.10.2025 22:29