EXECUTIVE SUMMARY:
CVE-2026-45575 with a CVSS score of 7.4 is a vulnerability in the epa4all-client package, specifically affecting versions less than 1.2.2. The vulnerability arises from the improper verification of a cryptographic signature, allowing an attacker who can perform a man-in-the-middle (MITM) attack on the TLS connection between the client and the IDP within the TI network to substitute a forged discovery document. This document redirects the client to attacker-controlled URLs, allowing the attacker to capture the signed authentication material by having the client encrypt the challenge response to the attacker's encryption key and POST it to the attacker's auth endpoint. As a result, the attacker gains the capability to intercept and manipulate authentication material, potentially leading to unauthorized access to the system or sensitive data. The business impact and consequences of this vulnerability include compromised user authentication and potential data breaches, emphasizing the need for prompt remediation to prevent exploitation.[/subscribe_to_unlock_form]
EXECUTIVE SUMMARY:
CVE-2026-45575 with a CVSS score of 7.4 is a vulnerability in the epa4all-client package, specifically affecting versions less than 1.2.2. The vulnerability arises from the improper verification of a cryptographic signature, allowing an attacker who can perform a man-in-the-middle (MITM) attack on the TLS connection between the client and the IDP within the TI network to substitute a forged discovery document. This document redirects the client to attacker-controlled URLs, allowing the attacker to capture the signed authentication material by having the client encrypt the challenge response to the attacker's encryption key and POST it to the attacker's auth endpoint. As a result, the attacker gains the capability to intercept and manipulate authentication material, potentially leading to unauthorized access to the system or sensitive data. The business impact and consequences of this vulnerability include compromised user authentication and potential data breaches, emphasizing the need for prompt remediation to prevent exploitation.[emaillocker id="1283"]
RECOMMENDATION:
REFERENCES:
The following reports contain further technical details:
https://github.com/advisories/GHSA-gqx7-6552-67hf