CVE-2025-27509

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2025-27509
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-27509.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2025-27509
Aliases
Downstream
Related
Published
2025-03-06T19:00:36Z
Modified
2025-10-30T19:45:29.508975Z
Severity
  • 9.3 (Critical) CVSS_V4 - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N CVSS Calculator
Summary
SAML authentication vulnerability due to improper SAML response validation
Details

fleetdm/fleet is an open source device management, built on osquery. In vulnerable versions of Fleet, an attacker could craft a specially-formed SAML response to forge authentication assertions, provision a new administrative user account if Just-In-Time (JIT) provisioning is enabled, or create new accounts tied to forged assertions if f MDM enrollment is enabled. This vulnerability is fixed in 4.64.2, 4.63.2, 4.62.4, and 4.58.1.

Database specific 
{
    "cwe_ids": [
        "CWE-285"
    ]
}
References

Affected packages

Git / github.com/fleetdm/fleet

Affected ranges

Type
GIT
Repo
https://github.com/fleetdm/fleet
Events
Introduced
eb0e4efbd7bfa58efae640ef8a73f7d54523f3a6
Fixed
7a7aebb82a8da9a44992118c651c3ca78efb65ae
Database specific 
{
    "versions": [
        {
            "introduced": "4.64.0"
        },
        {
            "fixed": "4.64.2"
        }
    ]
}
Type
GIT
Repo
https://github.com/fleetdm/fleet
Events
Introduced
3d3eb5cba8f30d547a29f37e8d5a88f3ff546290
Fixed
1b6be19eb92d53b83e4a264f0e0630c1f4917f66
Database specific 
{
    "versions": [
        {
            "introduced": "4.63.0"
        },
        {
            "fixed": "4.63.2"
        }
    ]
}
Type
GIT
Repo
https://github.com/fleetdm/fleet
Events
Introduced
0105dc68e6d702a911db54f99206d0dfff8f0d3f
Fixed
178676ec5ba50c2bb38c4d817b0508445a8449ab
Database specific 
{
    "versions": [
        {
            "introduced": "4.62.0"
        },
        {
            "fixed": "4.62.4"
        }
    ]
}
Type
GIT
Repo
https://github.com/fleetdm/fleet
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
5ead113564d24448b48b1f6ccaf502e72f868e5c
Database specific 
{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "fixed": "4.58.1"
        }
    ]
}

Affected versions

1.*

1.0.0
1.0.0-rc1
1.0.0-rc2
1.0.1
1.0.2
1.0.3
1.0.4
1.0.5
1.0.6
1.0.7

2.*

2.0.0
2.0.0-rc1
2.0.0-rc2
2.0.0-rc3
2.0.0-rc4
2.0.0-rc5
2.0.1
2.0.2
2.1.0
2.1.1
2.1.2
2.2.0
2.3.0
2.4.0
2.5.0
2.6.0

3.*

3.0.0
3.1.0
3.10.0
3.10.1
3.11.0
3.12.0
3.13.0
3.2.0
3.3.0
3.4.0
3.5.0
3.5.1
3.6.0
3.7.0
3.7.1
3.7.2
3.7.3
3.8.0
3.9.0

fleet-v4.*

fleet-v4.10.0
fleet-v4.11.0
fleet-v4.12.0
fleet-v4.13.0
fleet-v4.14.0
fleet-v4.15.0
fleet-v4.16.0
fleet-v4.17.0
fleet-v4.18.0
fleet-v4.19.0
fleet-v4.2.0
fleet-v4.2.2
fleet-v4.20.0
fleet-v4.22.0
fleet-v4.23.0
fleet-v4.24.0
fleet-v4.25.0
fleet-v4.26.0
fleet-v4.27.0
fleet-v4.28.0
fleet-v4.29.0
fleet-v4.3.0
fleet-v4.3.1
fleet-v4.30.0
fleet-v4.31.0
fleet-v4.32.0
fleet-v4.33.0
fleet-v4.34.0
fleet-v4.35.0
fleet-v4.36.0
fleet-v4.37.0
fleet-v4.38.0
fleet-v4.39.0
fleet-v4.4.0
fleet-v4.40.0
fleet-v4.41.0
fleet-v4.43.0
fleet-v4.45.0
fleet-v4.47.0
fleet-v4.48.0
fleet-v4.49.0
fleet-v4.5.0
fleet-v4.50.0
fleet-v4.51.0
fleet-v4.58.0
fleet-v4.6.0
fleet-v4.6.1
fleet-v4.62.0
fleet-v4.62.1
fleet-v4.62.2
fleet-v4.62.3
fleet-v4.64.0
fleet-v4.64.1
fleet-v4.7.0
fleet-v4.8.0

fleetctl-docker-deps-v4.*

fleetctl-docker-deps-v4.58.0

fleetd-chrome-v1.*

fleetd-chrome-v1.1.0-beta
fleetd-chrome-v1.1.1-beta
fleetd-chrome-v1.1.3
fleetd-chrome-v1.1.3-beta
fleetd-chrome-v1.2.0
fleetd-chrome-v1.2.0-beta
fleetd-chrome-v1.2.1-beta
fleetd-chrome-v1.3.0
fleetd-chrome-v1.3.1

Other

orbit-test-build

orbit-v0.*

orbit-v0.0.11
orbit-v0.0.12
orbit-v0.0.13
orbit-v0.0.4
orbit-v0.0.5
orbit-v0.0.6
orbit-v0.0.7
orbit-v0.0.9

orbit-v1.*

orbit-v1.0.0
orbit-v1.1.0
orbit-v1.10.0
orbit-v1.11.0
orbit-v1.12.0
orbit-v1.12.1
orbit-v1.13.0
orbit-v1.14.0
orbit-v1.15.0
orbit-v1.16.0
orbit-v1.16.0-2
orbit-v1.17.0
orbit-v1.18.0-RC
orbit-v1.18.2
orbit-v1.18.3
orbit-v1.2.0-rc1
orbit-v1.20.0
orbit-v1.3.0
orbit-v1.3.0-rc
orbit-v1.4.0
orbit-v1.4.0-rc
orbit-v1.4.1
orbit-v1.5.0
orbit-v1.7.0
orbit-v1.8.0
orbit-v1.9.0
orbit-v1.9.1

tf-mod-addon-bfldf-v1.*

tf-mod-addon-bfldf-v1.1.0

tf-mod-addon-byo-file-carving-target-account-v1.*

tf-mod-addon-byo-file-carving-target-account-v1.0.0
tf-mod-addon-byo-file-carving-target-account-v1.1.0

tf-mod-addon-byo-file-carving-v1.*

tf-mod-addon-byo-file-carving-v1.0.0
tf-mod-addon-byo-file-carving-v1.1.0

tf-mod-addon-byo-firehose-logging-destination-firehose-v1.*

tf-mod-addon-byo-firehose-logging-destination-firehose-v1.0.0
tf-mod-addon-byo-firehose-logging-destination-firehose-v1.1.0

tf-mod-addon-byo-firehose-logging-destination-firehose-v2.*

tf-mod-addon-byo-firehose-logging-destination-firehose-v2.0.0
tf-mod-addon-byo-firehose-logging-destination-firehose-v2.0.1
tf-mod-addon-byo-firehose-logging-destination-firehose-v2.0.2
tf-mod-addon-byo-firehose-logging-destination-firehose-v2.0.3

tf-mod-addon-byo-firehose-logging-destination-target-account-v1.*

tf-mod-addon-byo-firehose-logging-destination-target-account-v1.0.0
tf-mod-addon-byo-firehose-logging-destination-target-account-v1.1.0

tf-mod-addon-byo-kinesis-logging-destination-kinesis-v1.*

tf-mod-addon-byo-kinesis-logging-destination-kinesis-v1.0.0
tf-mod-addon-byo-kinesis-logging-destination-kinesis-v1.0.1

tf-mod-addon-byo-kinesis-logging-destination-target-account-v1.*

tf-mod-addon-byo-kinesis-logging-destination-target-account-v1.0.0

tf-mod-addon-external-vuln-scans-v1.*

tf-mod-addon-external-vuln-scans-v1.0.0

tf-mod-addon-external-vuln-scans-v2.*

tf-mod-addon-external-vuln-scans-v2.0.0
tf-mod-addon-external-vuln-scans-v2.0.1
tf-mod-addon-external-vuln-scans-v2.0.2
tf-mod-addon-external-vuln-scans-v2.1.0
tf-mod-addon-external-vuln-scans-v2.2.0

tf-mod-addon-geolite2-v1.*

tf-mod-addon-geolite2-v1.0.0

tf-mod-addon-logging-alb-v1.*

tf-mod-addon-logging-alb-v1.0.0
tf-mod-addon-logging-alb-v1.0.1
tf-mod-addon-logging-alb-v1.0.2
tf-mod-addon-logging-alb-v1.1.0
tf-mod-addon-logging-alb-v1.1.1
tf-mod-addon-logging-alb-v1.2.0

tf-mod-addon-logging-destination-firehose-v1.*

tf-mod-addon-logging-destination-firehose-v1.0.0
tf-mod-addon-logging-destination-firehose-v1.1.0
tf-mod-addon-logging-destination-firehose-v1.1.1

tf-mod-addon-mdm-v1.*

tf-mod-addon-mdm-v1.0.0
tf-mod-addon-mdm-v1.1.0
tf-mod-addon-mdm-v1.2.0
tf-mod-addon-mdm-v1.2.1
tf-mod-addon-mdm-v1.2.2
tf-mod-addon-mdm-v1.3.0
tf-mod-addon-mdm-v1.4.0
tf-mod-addon-mdm-v1.4.1
tf-mod-addon-mdm-v1.5.0

tf-mod-addon-mdm-v2.*

tf-mod-addon-mdm-v2.0.0

tf-mod-addon-mdmproxy-v1.*

tf-mod-addon-mdmproxy-v1.0.0
tf-mod-addon-mdmproxy-v1.0.1

tf-mod-addon-migrations-v1.*

tf-mod-addon-migrations-v1.0.0

tf-mod-addon-migrations-v2.*

tf-mod-addon-migrations-v2.0.0
tf-mod-addon-migrations-v2.0.1

tf-mod-addon-monitoring-v1.*

tf-mod-addon-monitoring-v1.0.0
tf-mod-addon-monitoring-v1.1.0
tf-mod-addon-monitoring-v1.1.1
tf-mod-addon-monitoring-v1.1.2
tf-mod-addon-monitoring-v1.1.3
tf-mod-addon-monitoring-v1.2.0
tf-mod-addon-monitoring-v1.3.0
tf-mod-addon-monitoring-v1.4.0

tf-mod-addon-osquery-carve-split-account-osquery-carve-v1.*

tf-mod-addon-osquery-carve-split-account-osquery-carve-v1.0.0
tf-mod-addon-osquery-carve-split-account-osquery-carve-v1.1.0

tf-mod-addon-osquery-carve-split-account-split-account-v1.*

tf-mod-addon-osquery-carve-split-account-split-account-v1.0.0
tf-mod-addon-osquery-carve-split-account-split-account-v1.1.0

tf-mod-addon-osquery-carve-v1.*

tf-mod-addon-osquery-carve-v1.0.0
tf-mod-addon-osquery-carve-v1.0.1
tf-mod-addon-osquery-carve-v1.1.0

tf-mod-addon-osquery-perf-v1.*

tf-mod-addon-osquery-perf-v1.0.0

tf-mod-addon-saml-auth-proxy-v1.*

tf-mod-addon-saml-auth-proxy-v1.0.0
tf-mod-addon-saml-auth-proxy-v1.1.0
tf-mod-addon-saml-auth-proxy-v1.2.0
tf-mod-addon-saml-auth-proxy-v1.3.0

tf-mod-addon-ses-v1.*

tf-mod-addon-ses-v1.0.0
tf-mod-addon-ses-v1.1.0

tf-mod-addon-vuln-processing-v1.*

tf-mod-addon-vuln-processing-v1.0.0
tf-mod-addon-vuln-processing-v1.1.0

tf-mod-addon-waf-alb-v1.*

tf-mod-addon-waf-alb-v1.0.0

tf-mod-addon-waf-alb-v2.*

tf-mod-addon-waf-alb-v2.0.0

tf-mod-byo-db-v1.*

tf-mod-byo-db-v1.0.0
tf-mod-byo-db-v1.1.0
tf-mod-byo-db-v1.2.0
tf-mod-byo-db-v1.3.0
tf-mod-byo-db-v1.3.1
tf-mod-byo-db-v1.3.2
tf-mod-byo-db-v1.4.0
tf-mod-byo-db-v1.5.0
tf-mod-byo-db-v1.5.1
tf-mod-byo-db-v1.6.0
tf-mod-byo-db-v1.7.0
tf-mod-byo-db-v1.7.1
tf-mod-byo-db-v1.8.0
tf-mod-byo-db-v1.9.0

tf-mod-byo-ecs-v1.*

tf-mod-byo-ecs-v1.0.0
tf-mod-byo-ecs-v1.1.0
tf-mod-byo-ecs-v1.2.0
tf-mod-byo-ecs-v1.3.0
tf-mod-byo-ecs-v1.4.0
tf-mod-byo-ecs-v1.4.1
tf-mod-byo-ecs-v1.5.0
tf-mod-byo-ecs-v1.6.0
tf-mod-byo-ecs-v1.6.1
tf-mod-byo-ecs-v1.7.0
tf-mod-byo-ecs-v1.8.0

tf-mod-byo-vpc-v1.*

tf-mod-byo-vpc-v1.0.0
tf-mod-byo-vpc-v1.1.0
tf-mod-byo-vpc-v1.10.0
tf-mod-byo-vpc-v1.10.1
tf-mod-byo-vpc-v1.11.0
tf-mod-byo-vpc-v1.12.0
tf-mod-byo-vpc-v1.12.1
tf-mod-byo-vpc-v1.2.0
tf-mod-byo-vpc-v1.3.0
tf-mod-byo-vpc-v1.4.0
tf-mod-byo-vpc-v1.5.0
tf-mod-byo-vpc-v1.6.0
tf-mod-byo-vpc-v1.6.1
tf-mod-byo-vpc-v1.7.0
tf-mod-byo-vpc-v1.7.1
tf-mod-byo-vpc-v1.8.0
tf-mod-byo-vpc-v1.8.1
tf-mod-byo-vpc-v1.8.2
tf-mod-byo-vpc-v1.8.3
tf-mod-byo-vpc-v1.9.0

tf-mod-root-v1.*

tf-mod-root-v1.0.0
tf-mod-root-v1.1.0
tf-mod-root-v1.1.1
tf-mod-root-v1.10.0
tf-mod-root-v1.11.0
tf-mod-root-v1.11.1
tf-mod-root-v1.2.0
tf-mod-root-v1.3.0
tf-mod-root-v1.4.0
tf-mod-root-v1.5.0
tf-mod-root-v1.5.1
tf-mod-root-v1.6.0
tf-mod-root-v1.6.1
tf-mod-root-v1.7.0
tf-mod-root-v1.7.1
tf-mod-root-v1.7.2
tf-mod-root-v1.7.3
tf-mod-root-v1.8.0
tf-mod-root-v1.9.0
tf-mod-root-v1.9.1

v0.*

v0.0.4
v0.0.5
v0.0.6
v0.0.7

v4.*

v4.0.0
v4.0.0-rc1
v4.0.0-rc2
v4.0.0-rc3
v4.0.1
v4.1.0
v4.28.0
v4.36.0
v4.37.0
v4.43.4