CVE-2025-23013:The Yubico pam-u2f product has a vulnerability (CVE-2025-23013) that allows for an authentication bypass in some configurations, leading to potential local privilege escalation.

splash
Back

Description Preview

The vulnerability exists in Yubico's pam-u2f product versions less than 1.3.1. This product implements a Pluggable Authentication Module (PAM) that can be deployed to support authentication using a YubiKey or other FIDO compliant authenticators on macOS or Linux. The software package has an issue that allows for an authentication bypass in some configurations. An attacker would require the ability to access the system as an unprivileged user. Depending on the configuration, the attacker may also need to know the user's password. The vulnerability has been assigned a high severity score of 7.3.

Overview

The vulnerability (CVE-2025-23013) is related to unexpected status code or return value (CWE-394). The issue allows for an authentication bypass in some configurations of Yubico's pam-u2f product. An attacker with access to the system as an unprivileged user can potentially exploit this vulnerability to escalate their privileges. The vulnerability affects versions of the product less than 1.3.1.

Remediation

Users of Yubico's pam-u2f product are advised to upgrade to version 1.3.1 or later to mitigate the vulnerability. It is also recommended to review system configurations to ensure they do not allow for potential authentication bypass.

References

  1. Yubico Security Advisory: https://www.yubico.com/support/security-advisories/ysa-2025-01/
  2. Openwall Security Discussion: http://www.openwall.com/lists/oss-security/2025/01/15/1
  3. Debian Security Announcement: https://lists.debian.org/debian-lts-announce/2025/02/msg00001.html

Industry ExposureMost to least
This section illustrates the prevalence of a specific Common Vulnerabilities and Exposures (CVE) across various industries based on customer reports. The ranking displays industries from the most to least affected by this particular vulnerability, offering valuable insight into where this CVE has been most frequently observed. This information can help organizations within these sectors prioritize their security efforts, understand their relative risk exposure compared to their peers, and focus remediation strategies where they are most needed. By understanding the industry-specific impact, organizations can make more informed decisions regarding patching, resource allocation, and overall risk management related to this CVE.

  1. Accommodation & Food Services
    Accommodation & Food Services
  2. Administrative, Support, Waste Management & Remediation Services
    Administrative, Support, Waste Management & Remediation Services
  3. Agriculture, Forestry Fishing & Hunting
    Agriculture, Forestry Fishing & Hunting
  4. Arts, Entertainment & Recreation
    Arts, Entertainment & Recreation
  5. Construction
    Construction
  6. Educational Services
    Educational Services
  7. Finance and Insurance
    Finance and Insurance
  8. Health Care & Social Assistance
    Health Care & Social Assistance
  9. Information
    Information
  10. Management of Companies & Enterprises
    Management of Companies & Enterprises
  11. Manufacturing
    Manufacturing
  12. Mining
    Mining
  13. Other Services (except Public Administration)
    Other Services (except Public Administration)
  14. Professional, Scientific, & Technical Services
    Professional, Scientific, & Technical Services
  15. Public Administration
    Public Administration
  16. Real Estate Rental & Leasing
    Real Estate Rental & Leasing
  17. Retail Trade
    Retail Trade
  18. Transportation & Warehousing
    Transportation & Warehousing
  19. Utilities
    Utilities
  20. Wholesale Trade
    Wholesale Trade

Focus on What Matters

  1. See Everything.
  2. Identify True Risk.
  3. Proactively Mitigate Threats.

Let's talk!

background