
Critical Samlify SSO flaw lets attackers log in as admin

A critical Samlify authentication bypass vulnerability has been discovered that allows attackers to impersonate admin users by injecting unsigned malicious assertions into legitimately signed SAML responses.

Samlify is a high-level authentication library that helps developers integrate SAML SSO and Single Log-Out (SLO) into Node.js applications. It is a popular tool for building or connecting to identity providers (IdPs) and service providers (SPs) using SAML.

The library is used by SaaS platforms, organizations implementing SSO for internal tools, developers integrating with corporate Identity Providers like Azure AD or Okta, and in federated identity management scenarios. It is very popular, measuring over 200,000 weekly downloads on npm.

The flaw, tracked as CVE-2025-47949, is a critical (CVSS v4.0 score: 9.9) Signature Wrapping flaw impacting all versions of Samlify before 2.10.0.

As EndorLabs explained in a report, Samlify correctly verifies that the XML document providing a user's identity is signed. However, it then proceeds to read fake assertions from a part of the XML that is not signed.


Attackers holding a valid signed SAML response, obtained through interception or from public metadata, can modify it to exploit the parsing flaw in the library and authenticate as someone else.

“The attacker then takes this legitimately signed XML document and manipulates it. They insert a second, malicious SAML Assertion into the document,” explains EndorLabs.

“This malicious assertion contains the identity of a target user (e.g., an administrator's username).”

“The critical part is that the valid signature from the original document still applies to a benign part of the XML structure, but the SP's vulnerable parsing logic will inadvertently process the unsigned, malicious assertion.”

This is a full SSO bypass, allowing unauthorized remote attackers to perform privilege escalation and log in as administrators.

The attacker needs no user interaction or special privileges, and the only requirement is access to a valid signed XML blob, making exploitation relatively easy.

To mitigate the risk, it is recommended that users upgrade to Samlify version 2.10.0, released earlier this month.


Note that GitHub still lists 2.9.1 as the latest version, but npm hosts the safe-to-use 2.10.0 as of writing.

There have not been any reports of active exploitation of CVE-2025-47949 in the wild, but impacted users are advised to take immediate action and secure their environments.
