0 day vulnerability in SAML could lead to your SSO being hacked

A new SAML vulnerability could allow cybercriminals to hijack an organisation's single sign-on (SSO) and access private data. The flaw, in the SAML protocol used by SSO implementations from cloud providers and internal applications alike, was discovered by Duo Security and reported together with US-CERT. It lets an attacker access users' accounts without knowing their passwords: no phishing campaign is needed, because the attacker exploits the SSO provider directly.


The Duo Labs technical report is available here. For the CERT/CC advisory, click here.

The original Bleeping Computer article is here.


To see a new way to manage security from threats, see our “Cyber Safety Service”.