CVE-2025-24895

CVSS 3.1 Score 9.1 of 10 (high)

Details

Published Feb 18, 2025
CWE ID 287

Summary

CVE-2025-24895 affects the CIE.AspNetCore.Authentication library, which is used in ASP.NET Core for remote authentication in CIE 3.0 systems. The library does not guarantee that the first signature in a SAML response is verified, so an attacker can inject an arbitrary signed XML element that the Service Provider (SP) accepts as legitimate. This could allow the attacker to impersonate any SPID and/or CIE user. The issue is fixed in version 2.1.0; all users are advised to upgrade, as no workarounds are available. The vulnerability exposes both the SP and the affected SDKs to potential unauthorized access.
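
A structural pre-check for the failure described in the summary, added here as an illustration: it is not the library's code or the 2.1.0 fix, and it generalizes to the usual binding rules (one Assertion, unique IDs, every signature referencing its own parent element). It performs no cryptographic verification, and the function name and sample documents are constructed for this example.

```python
import xml.etree.ElementTree as ET  # for untrusted input, parse with defusedxml instead

NS = {"samlp": "urn:oasis:names:tc:SAML:2.0:protocol",
      "saml": "urn:oasis:names:tc:SAML:2.0:assertion",
      "ds": "http://www.w3.org/2000/09/xmldsig#"}

def q(prefix, name):
    return "{%s}%s" % (NS[prefix], name)

def signature_binding_errors(xml_text):
    """Return reasons to reject a SAML response before signature verification."""
    root = ET.fromstring(xml_text)
    if root.tag != q("samlp", "Response"):
        return ["root element is not samlp:Response"]
    errors = []
    direct = root.findall("saml:Assertion", NS)
    if len(list(root.iter(q("saml", "Assertion")))) != 1 or len(direct) != 1:
        errors.append("expected exactly one Assertion, as a child of Response")
    ids = [e.get("ID") for e in root.iter() if e.get("ID")]
    if len(ids) != len(set(ids)):
        errors.append("duplicate ID attribute values")
    parent = {child: p for p in root.iter() for child in p}
    allowed = [root] + direct           # only these elements may carry a signature
    bound = 0
    for sig in root.iter(q("ds", "Signature")):
        owner = parent[sig]
        if owner not in allowed:
            errors.append("Signature outside Response/Assertion")
            continue
        refs = [r.get("URI") for r in sig.iter(q("ds", "Reference"))]
        if owner.get("ID") is None or refs != ["#" + owner.get("ID")]:
            errors.append("Signature does not reference its parent element")
            continue
        bound += 1                      # this signature must still be verified
    if bound == 0:
        errors.append("no signature covers the Response or the Assertion")
    return errors

# Constructed samples: signature contents are elided, only the structure matters.
_SIG = ('<ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">'
        '<ds:SignedInfo><ds:Reference URI="#%s"/></ds:SignedInfo></ds:Signature>')
_RESP = ('<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" '
         'xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="r1">%s'
         '<saml:Assertion ID="a1">%s</saml:Assertion></samlp:Response>')
GOOD = _RESP % (_SIG % "r1", _SIG % "a1")
# A signature that sits elsewhere in the document and covers some other element.
UNBOUND = _RESP % ("<samlp:Extensions>" + _SIG % "x9" + "</samlp:Extensions>", "")
```

Every signature that passes this check must still be cryptographically verified, and only the elements those signatures cover should be consumed.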
