CVE-2025-26787
Privilege Escalation via Startup Logic Error in Keyfactor SignServer
Publication date: 2025-12-22
Last updated on: 2025-12-22
Assigner: MITRE
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| keyfactor | signserver | * |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-642 | The product stores security-critical state information about its users, or the product itself, in a location that is accessible to unauthorized actors. |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a logic error in the Keyfactor SignServer container startup process prior to version 7.2. Specifically, an Admin CLI command intended to configure certificate access only during the initial container startup instead runs on every restart. This command sets the access property to "allowany," which permits any user with a valid and trusted client authentication certificate to connect. Because the command resets this setting on every restart, it unintentionally allows broader access than intended, potentially exposing the system to unauthorized users. [1]
How can this vulnerability impact me?
The vulnerability can lead to unauthorized access to the SignServer container because the access control setting is reset to allow any user with a valid client authentication certificate to connect on every restart. This means that even if administrators set more restrictive access controls, these settings are overridden on container restarts, potentially allowing unintended users to connect and access sensitive certificate-related functions or data. [1]
What immediate steps should I take to mitigate this vulnerability?
Upgrade the SignServer container deployment to version 7.2 or later, as this version includes a fix for the vulnerability by correcting the startup logic error. This upgrade mitigates the issue by preventing the admin CLI command from resetting the configuration to "allowany" on each container restart. [1]
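The startup flaw described above, reproduced as an added simulation that is not Keyfactor's code or its 7.2 fix: a bootstrap default applied on every start overwrites an administrator's later restriction, while a first-run guard preserves it. The file names, the `access` key, the `restricted` value and the `set_access` helper are assumptions standing in for the real Admin CLI and configuration store.

```shell
#!/bin/sh
# Constructed simulation. CONF stands in for the persisted access setting and
# MARKER for a "first start already done" flag; neither is a real SignServer path.
STATE_DIR="${STATE_DIR:-$(mktemp -d)}"
CONF="$STATE_DIR/access.conf"
MARKER="$STATE_DIR/.initialized"

# Hypothetical stand-in for the Admin CLI call that sets the access property.
set_access() { printf 'access=%s\n' "$1" > "$CONF"; }
get_access() { sed -n 's/^access=//p' "$CONF"; }

# Flawed startup: the bootstrap default is applied on every container start.
startup_flawed() {
    set_access allowany
}

# Guarded startup: the bootstrap default is applied on the first start only.
startup_guarded() {
    if [ ! -e "$MARKER" ]; then
        set_access allowany
        : > "$MARKER"
    fi
}

# First start, administrator hardening, restart; prints the surviving setting.
simulate() {
    rm -f "$CONF" "$MARKER"
    "$1"                    # initial container start
    set_access restricted   # constructed value: admin tightens access
    "$1"                    # container restart
    get_access
}

# Post-restart audit: succeeds only if the permissive default is not in effect.
audit_after_restart() {
    [ "$(get_access)" != "allowany" ]
}

echo "flawed startup after restart:  $(simulate startup_flawed)"
echo "guarded startup after restart: $(simulate startup_guarded)"
```

Run against a real deployment, the equivalent of `audit_after_restart` is a check after every container restart that the access setting still matches what the administrator configured.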