CVE-2026-55672

zitadel · zitadel

ZITADEL is affected by vulnerabilities related to improper authentication and incorrect authorization, potentially allowing unauthorized access or privilege escalation.

Executive summary

The ZITADEL identity management platform contains authentication and authorization flaws that could lead to severe security compromises.

Vulnerability

This vulnerability involves Improper Authentication (CWE-287) and Incorrect Authorization (CWE-863). The flaw allows unauthenticated remote attackers to potentially bypass security controls due to the identified logic errors in the platform.

Business impact

Successful exploitation of these vulnerabilities could lead to total unauthorized access to the identity management platform. Given a CVSS score of 7.4, this represents a high-severity risk that could result in the compromise of user credentials, unauthorized administrative actions, and significant data breaches within the identity infrastructure.

Remediation

Immediate Action: Update ZITADEL to version 4.15.2 or 3.4.12 immediately to resolve the identified authentication and authorization flaws.

Proactive Monitoring: Review ZITADEL access and audit logs for unusual authentication patterns or unauthorized attempts to access administrative functions.

Compensating Controls: Ensure the ZITADEL instance is protected by a robust Web Application Firewall (WAF) configured to block suspicious traffic patterns targeting authentication endpoints.

Exploitation status

Public Exploit Available: No (exploit_available: false)

Analyst recommendation

The severity of this vulnerability, combined with its impact on identity management, necessitates an immediate update. Organizations should prioritize patching affected instances to the specified secure versions to prevent potential unauthorized access and maintain the integrity of their identity management systems.