
A critical Samlify authentication bypass vulnerability has been found that allows attackers to impersonate admin users by injecting unsigned malicious assertions into legitimately signed SAML responses.

Samlify is a high-level authentication library that helps developers integrate SAML SSO and Single Log-Out (SLO) into Node.js applications. It is a popular tool for building or connecting to identity providers (IdPs) and service providers (SPs) using SAML.

The library is used by SaaS platforms, organizations implementing SSO for internal tools, developers integrating with corporate Identity Providers like Azure AD or Okta, and in federated identity management scenarios. It is very popular, measuring over 200,000 weekly downloads on npm.

The flaw, tracked as CVE-2025-47949, is a critical (CVSS v4.0 score: 9.9) Signature Wrapping flaw impacting all versions of Samlify before 2.10.0.

As EndorLabs explained in a report, Samlify correctly verifies that the XML document providing a user's identity is signed. However, it then proceeds to read fake assertions from a part of the XML that is not signed.

Attackers holding a valid signed SAML response, obtained by interception or via public metadata, can modify it to exploit the parsing flaw in the library and authenticate as someone else.

“The attacker then takes this legitimately signed XML document and manipulates it. They insert a second, malicious SAML Assertion into the document,” explains EndorLabs.

“This malicious assertion contains the identity of a target user (e.g., an administrator's username).”

“The critical part is that the valid signature from the original document still applies to a benign part of the XML structure, but the SP's weak parsing logic will inadvertently process the unsigned, malicious assertion.”

This is a full SSO bypass, allowing unauthorized remote attackers to perform privilege escalation and log in as administrators.

The attacker needs no user interaction or special privileges, and the only requirement is access to a valid signed XML blob, making exploitation relatively easy.
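To make the parsing flaw concrete, here is an added Python model (not Samlify's code, and not EndorLabs' material) of a service provider that verifies the signature over the referenced assertion but reads the identity from the first Assertion in the document, beside a hardened version that only trusts the element the signature actually covers. The Response layout, the assertion IDs and the key are constructed, and an HMAC over the serialized element stands in for real XML-DSig and canonicalization.

```python
import hashlib
import hmac
import xml.etree.ElementTree as ET

SAML = "urn:oasis:names:tc:SAML:2.0:assertion"
DS = "http://www.w3.org/2000/09/xmldsig#"
NS = {"saml": SAML, "ds": DS}
ET.register_namespace("saml", SAML)
IDP_KEY = b"constructed-idp-key"  # an HMAC key stands in for the IdP's signing key

def assertion_xml(aid, user):
    # Minimal Assertion carrying only the identity the SP will trust
    return (f'<saml:Assertion xmlns:saml="{SAML}" ID="{aid}"><saml:Subject>'
            f'<saml:NameID>{user}</saml:NameID></saml:Subject></saml:Assertion>')

def digest(el):
    # Stand-in for C14N + XML-DSig: a MAC over the serialized element
    return hmac.new(IDP_KEY, ET.tostring(el), hashlib.sha256).hexdigest()

def build_response(signed_user, injected_user=None):
    # Constructed IdP response: the Signature's Reference points at Assertion a1.
    # An optional second, unsigned Assertion is placed before it (the wrapping case).
    signed = assertion_xml("a1", signed_user)
    extra = assertion_xml("a2", injected_user) if injected_user else ""
    return (f'<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:ds="{DS}">'
            f'{extra}{signed}<ds:Signature><ds:SignedInfo><ds:Reference URI="#a1"/>'
            f'</ds:SignedInfo><ds:SignatureValue>{digest(ET.fromstring(signed))}'
            '</ds:SignatureValue></ds:Signature></samlp:Response>')

def verify_reference(doc):
    # Verify the signature over the element its Reference URI names; return that element
    sig = doc.find("ds:Signature", NS)
    ref_id = sig.find("ds:SignedInfo/ds:Reference", NS).get("URI").lstrip("#")
    target = next(e for e in doc.iter() if e.get("ID") == ref_id)
    if not hmac.compare_digest(digest(target), sig.findtext("ds:SignatureValue", namespaces=NS)):
        raise ValueError("signature does not verify")
    return target

def vulnerable_user(xml):
    doc = ET.fromstring(xml)
    verify_reference(doc)  # the signature check itself passes
    # Bug: identity is read from the first Assertion anywhere in the document
    return doc.find(".//saml:Assertion/saml:Subject/saml:NameID", NS).text

def hardened_user(xml):
    doc = ET.fromstring(xml)
    assertions = doc.findall(".//saml:Assertion", NS)
    if len(assertions) != 1:
        raise ValueError("expected exactly one Assertion")
    signed_el = verify_reference(doc)
    if signed_el is not assertions[0]:
        raise ValueError("the Assertion is not the signed element")
    # Identity is taken only from the element the signature actually covers
    return signed_el.findtext("saml:Subject/saml:NameID", namespaces=NS)
```

Both functions accept the genuine response, but only the hardened one rejects a response carrying an extra unsigned assertion.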

To mitigate the risk, it is recommended that users upgrade to Samlify version 2.10.0, released earlier this month.

Note that GitHub still lists 2.9.1 as the latest version, but npm hosts the safe-to-use 2.10.0 as of writing.

There haven't been any reports of active exploitation of CVE-2025-47949 in the wild, but impacted users are advised to take immediate action and secure their environments.
