
Critical Samlify SSO flaw lets attackers log in as admin


A critical Samlify authentication bypass vulnerability has been discovered that allows attackers to impersonate admin users by injecting unsigned malicious assertions into legitimately signed SAML responses.

Samlify is a high-level authentication library that helps developers integrate SAML SSO and Single Log-Out (SLO) into Node.js applications. It is a popular tool for building or connecting to identity providers (IdPs) and service providers (SPs) using SAML.

The library is used by SaaS platforms, organizations implementing SSO for internal tools, developers integrating with enterprise Identity Providers such as Azure AD or Okta, and in federated identity management scenarios. It is very popular, counting over 200,000 weekly downloads on npm.

The flaw, tracked as CVE-2025-47949, is a critical (CVSS v4.0 score: 9.9) Signature Wrapping flaw impacting all versions of Samlify before 2.10.0.

As EndorLabs explained in a report, Samlify correctly verifies that the XML document providing a user's identity is signed. However, it then proceeds to read fake assertions from a part of the XML that is not covered by that signature.

Attackers holding a valid signed SAML response, obtained by interception or via public metadata, can modify it to exploit the parsing flaw in the library and authenticate as someone else.

“The attacker then takes this legitimately signed XML document and manipulates it. They insert a second, malicious SAML Assertion into the document,” explains EndorLabs.

“This malicious assertion contains the identity of a target user (e.g., an administrator’s username).”

“The critical part is that the valid signature from the original document still applies to a benign part of the XML structure, but the SP’s vulnerable parsing logic will inadvertently process the unsigned, malicious assertion.”

This is a full SSO bypass, allowing unauthorized remote attackers to perform privilege escalation and log in as administrators.

The attacker needs no user interaction or special privileges; the only requirement is access to a valid signed XML blob, which makes exploitation relatively easy.
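The defensive core of a fix for this class of bug is binding the assertion the SP consumes to the element the signature actually covers. The following is an added illustration, not Samlify's or EndorLabs' code: it assumes an XML-DSig check has already succeeded and returned the `ds:Reference` URI it validated, and it works on constructed sample responses (the hypothetical IDs `_signed1` and `_injected`, and the names `alice` and `admin`, are made up for the example).

```python
import xml.etree.ElementTree as ET

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion",
      "ds": "http://www.w3.org/2000/09/xmldsig#"}

# Constructed inputs, not real IdP output. The signed assertion _signed1 names
# "alice"; the wrapped variant adds an unsigned assertion for "admin" in front
# of it, the pattern the article describes. Signature bytes are omitted because
# the DSig check itself is assumed to run before this step.
CLEAN_RESPONSE = """<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
  xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
  <saml:Assertion ID="_signed1">
    <ds:Signature><ds:SignedInfo><ds:Reference URI="#_signed1"/></ds:SignedInfo></ds:Signature>
    <saml:Subject><saml:NameID>alice</saml:NameID></saml:Subject>
  </saml:Assertion>
</samlp:Response>"""
WRAPPED_RESPONSE = CLEAN_RESPONSE.replace(
    '<saml:Assertion ID="_signed1">',
    '<saml:Assertion ID="_injected"><saml:Subject><saml:NameID>admin</saml:NameID>'
    '</saml:Subject></saml:Assertion><saml:Assertion ID="_signed1">')

def naive_subject(xml_text: str) -> str:
    """Wrapping-prone pattern: trust the first Assertion found, signed or not."""
    root = ET.fromstring(xml_text)
    return root.find(".//saml:Assertion/saml:Subject/saml:NameID", NS).text

def bound_subject(xml_text: str, verified_reference_uri: str) -> str:
    """Read the NameID only from the assertion the verified signature covers.
    verified_reference_uri is the ds:Reference URI a successful signature check
    returned (assumed here); extra assertions or an ID mismatch are rejected."""
    root = ET.fromstring(xml_text)
    assertions = root.findall(".//saml:Assertion", NS)
    if len(assertions) != 1:
        raise ValueError(f"expected exactly one Assertion, found {len(assertions)}")
    signed = assertions[0]
    if signed.get("ID") != verified_reference_uri.lstrip("#"):
        raise ValueError("assertion ID does not match the signed Reference URI")
    if signed.find("ds:Signature", NS) is None:
        raise ValueError("selected assertion carries no signature element")
    return signed.find("saml:Subject/saml:NameID", NS).text

def is_wrapped(xml_text: str, verified_reference_uri: str) -> bool:
    """Detection view: True when a naive read and the bound read disagree."""
    try:
        return naive_subject(xml_text) != bound_subject(xml_text, verified_reference_uri)
    except ValueError:
        return True
```

On the wrapped sample the naive read yields `admin` while the bound read refuses the response, which is the difference between the vulnerable and the fixed behaviour the article describes.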

To mitigate the risk, users are advised to upgrade to Samlify version 2.10.0, released earlier this month.

Note that GitHub still lists 2.9.1 as the latest release, but npm hosts the safe-to-use 2.10.0 as of writing.

There have not been any reports of active exploitation of CVE-2025-47949 in the wild, but impacted users are advised to take immediate action and secure their environments.
