Claroty Secure Remote Access OIDC authentication bypass patch release (CVE-2025-54603)

Security Patch Release
Happening score: 10
1 unique sources, 1 articles

Summary

Claroty patched CVE-2025-54603 in Secure Remote Access (SRA), closing an OIDC authentication bypass that could let an attacker create unauthorized users, impersonate existing users, and gain full admin control in affected deployments.

Related Happenings

TrendAI Trend Micro’s enterprise business security patch release for CVE-2026-34926

Security Patch Release
First: 22.05.2026 11:19 Last: 22.05.2026 11:19 Sources 1

About this happening: **TrendAI** released **Apex One** security updates after confirming a **zero-day** had been **exploited in the wild**, leaving **on-premises installations** at risk until patched....

Ivanti security patch release for CVE-2026-8043

Security Patch Release
First: 18.05.2026 13:54 Last: 18.05.2026 13:54 Sources 1

About this happening: **Ivanti, Fortinet, SAP, Broadcom, and n8n** released **security fixes** on **2026-05-18** for flaws that could enable **authentication bypass**, **remote code execution**, **SQL...

Cisco security patch release for CVE-2026-20184

Security Patch Release
First: 16.04.2026 14:27 Last: 16.04.2026 14:27 Sources 1

About this happening: **Cisco** released patches for **four critical flaws** affecting **Identity Services Engine (ISE)**, **ISE-PIC**, and **Webex Services**, closing paths to **arbitrary code executi...

ConnectWise security patch release for CVE-2026-3564

Security Patch Release
First: 18.03.2026 20:10 Last: 18.03.2026 20:10 Sources 1

About this happening: ConnectWise released **ScreenConnect 26.1** to harden **machine key** handling after disclosing **CVE-2026-3564**, a flaw that can enable **unauthorized access** and **privilege e...

Hewlett Packard Enterprise (HPE) security patch release for CVE-2026-23813

Security Patch Release
First: 10.03.2026 19:30 Last: 10.03.2026 19:30 Sources 1

About this happening: **HPE** released **security updates** for **Aruba Networking AOS-CX**, closing **multiple vulnerabilities** including authentication and code execution issues on **CX-series campu...

Timeline

  1. 30.10.2025 22:29 2 articles · 6mo ago

    Claroty patches CVE-2025-54603 in Secure Remote Access

    Mitigation Patch Update

    Claroty patched CVE-2025-54603 in Secure Remote Access (SRA), fixing an incorrect OpenID Connect (OIDC) authentication flow in Claroty Secure Access 3.3.0 through 4.0.2 that could allow unauthorized user creation, impersonation of existing OIDC users, bypass of two-factor authentication, and full admin control.