CVE-2025-54603
BaseFortify
Publication date: 2025-10-14
Last updated on: 2025-10-14
Assigner: MITRE
Description
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| claroty | secure_access | 3.3.0 |
| claroty | secure_access | 4.0.2 |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-284 | The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor. |
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-54603 is a critical vulnerability in Claroty Secure Access versions 3.3.0 through 4.0.2 when using OpenID Connect (OIDC) authentication. It involves an incorrect OIDC authentication flow that can allow an attacker to create unauthorized user accounts or impersonate existing OIDC users. In some configurations, the attacker can even add themselves to the built-in 'Administrators' group, gaining administrative privileges within the application. [1]
How can this vulnerability impact me?
This vulnerability can severely impact you by allowing unauthorized users to gain access to your Claroty Secure Access system. Attackers could create new user accounts without permission or impersonate legitimate users, potentially leading to unauthorized access to sensitive systems. If attackers add themselves to the 'Administrators' group, they could gain full administrative control, compromising the security and integrity of your environment. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
Detection involves verifying whether your Claroty Secure Access deployment is running a vulnerable version (3.3.0 through 4.0.2) with OIDC authentication currently or previously configured. Since no public exploits or proof-of-concept code are known, direct detection commands are not provided. You should check the Claroty Secure Access version and review the OIDC configuration settings to identify potential exposure. [1]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include upgrading Claroty Secure Access to fixed versions 3.7 or 4.0.2 available through the Claroty customer portal. If you are running other affected versions, contact Claroty support for remediation guidance. Additionally, review and possibly disable or reconfigure OIDC authentication until the patch is applied to prevent unauthorized user creation or impersonation. [1]