CVE-2025-54603
Unknown Unknown - Not Provided

BaseFortify

Vulnerability report for CVE-2025-54603, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2025-10-14

Last updated on: 2025-10-14

Assigner: MITRE

Description

An incorrect OIDC authentication flow in Claroty Secure Access 3.3.0 through 4.0.2 can result in unauthorized user creation or impersonation of existing OIDC users.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2025-10-14
Last Modified
2025-10-14
Generated
2026-07-06
AI Q&A
2025-10-14
EPSS Evaluated
2026-07-05
NVD
EUVD

Affected Vendors & Products

Showing 2 associated CPEs
Vendor Product Version / Range
claroty secure_access 3.3.0
claroty secure_access 4.0.2

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-284 The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

CVE-2025-54603 is a critical vulnerability in Claroty Secure Access versions 3.3.0 through 4.0.2 when using OpenID Connect (OIDC) authentication. It involves an incorrect OIDC authentication flow that can allow an attacker to create unauthorized user accounts or impersonate existing OIDC users. In some configurations, the attacker can even add themselves to the built-in 'Administrators' group, gaining administrative privileges within the application. [1]

Impact Analysis

This vulnerability can severely impact you by allowing unauthorized users to gain access to your Claroty Secure Access system. Attackers could create new user accounts without permission or impersonate legitimate users, potentially leading to unauthorized access to sensitive systems. If attackers add themselves to the 'Administrators' group, they could gain full administrative control, compromising the security and integrity of your environment. [1]

Detection Guidance

Detection involves verifying if your Claroty Secure Access deployment is running a vulnerable version (3.3.0 through 4.0.2) with OIDC authentication configured currently or previously. Since no public exploits or proof-of-concept code are known, direct detection commands are not provided. You should check the Claroty Secure Access version and review OIDC configuration settings to identify potential exposure. [1]

Mitigation Strategies

Immediate mitigation steps include upgrading Claroty Secure Access to fixed versions 3.7 or 4.0.2 available through the Claroty customer portal. If you are running other affected versions, contact Claroty support for remediation guidance. Additionally, review and possibly disable or reconfigure OIDC authentication until the patch is applied to prevent unauthorized user creation or impersonation. [1]

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-54603. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart