Cybersecurity researchers have disclosed 14 vulnerabilities in CyberArk and HashiCorp enterprise secrets vaults, collectively termed Vault Fault. The flaws let remote attackers reach corporate identity systems and extract the secrets those vaults protect. They include authentication bypasses, privilege escalation, and remote code execution; the most serious carries a CVSS score of 9.1. Both vendors have shipped fixes, but weaknesses remain in lockout protection: an attacker can reset failed-login counters and infer which usernames are valid, undermining multi-factor authentication.
The 14 vulnerabilities, collectively named Vault Fault, affect CyberArk Secrets Manager, Self-Hosted; CyberArk Conjur Open Source; and HashiCorp Vault.
The most severe issue allows remote code execution, letting an attacker take over the vault without valid credentials.
The vulnerabilities include authentication bypasses, impersonation, privilege escalation bugs, and code execution paths, all affecting enterprise identity systems.
Some of the vulnerabilities let attackers bypass multi-factor authentication controls and manipulate the lockout-protection logic, for example by resetting failure counters or using lockout behaviour to infer which usernames exist.
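The two lockout-logic weaknesses the article describes (a failure counter an attacker can reset, and lockout behaviour that reveals whether a username exists) are easy to recognise in code once you know what to look for. The following is a constructed illustration written for this page, not CyberArk or HashiCorp code, and it shows nothing about how Vault Fault itself was exploited: a weak login handler keyed on a client-chosen `device_id` and returning distinct error strings, beside a hardened handler keyed on the normalised account with one generic response. The user store, `MAX_FAILURES`, the `device_id` field and the SHA-256 password hash are all assumptions for the example.

```python
"""Constructed example of attacker-resettable lockout counters and username
inference, beside a hardened version. Not CyberArk or HashiCorp code."""
import hashlib
import hmac
import secrets

MAX_FAILURES = 3  # assumed lockout threshold for the example


def _pw_hash(password: str) -> str:
    # Bare SHA-256 for brevity only; a real vault would use a slow, salted hash.
    return hashlib.sha256(password.encode()).hexdigest()


# Constructed user store; "bob" deliberately does not exist.
USERS = {"alice": _pw_hash("correct-horse")}
# Random digest compared against for unknown users so the work done is the same.
DUMMY_HASH = _pw_hash(secrets.token_hex(16))


class WeakLockout:
    """Counter keyed on (username, client-supplied device_id); distinct error strings."""

    def __init__(self):
        self.failures = {}

    def login(self, username: str, password: str, device_id: str) -> str:
        if username not in USERS:
            return "unknown user"  # leaks which usernames exist
        key = (username, device_id)  # the attacker controls device_id ...
        if self.failures.get(key, 0) >= MAX_FAILURES:
            return "locked"
        if hmac.compare_digest(USERS[username], _pw_hash(password)):
            self.failures.pop(key, None)
            return "ok"
        self.failures[key] = self.failures.get(key, 0) + 1
        return "wrong password"  # ... so a fresh device_id gets a fresh counter


class HardenedLockout:
    """Counter keyed on the server-normalised account only; one generic failure response."""

    def __init__(self):
        self.failures = {}

    def login(self, username: str, password: str, device_id: str) -> str:
        account = username.strip().lower()  # client cannot choose the counter key
        stored = USERS.get(account, DUMMY_HASH)
        locked = self.failures.get(account, 0) >= MAX_FAILURES
        # Always run the comparison so unknown, locked and wrong-password paths cost the same.
        matches = hmac.compare_digest(stored, _pw_hash(password))
        if matches and account in USERS and not locked:
            self.failures.pop(account, None)
            return "ok"
        # Unknown names are counted too; a real implementation would bound this table.
        self.failures[account] = self.failures.get(account, 0) + 1
        return "invalid credentials"  # same string whether unknown, locked or wrong


def demo_reset_by_device_id() -> tuple:
    """Exhaust the weak counter, then show that a new device_id restores guesses."""
    weak = WeakLockout()
    for _ in range(MAX_FAILURES):
        weak.login("alice", "guess", "dev-1")
    return weak.login("alice", "guess", "dev-1"), weak.login("alice", "guess", "dev-2")


def demo_enumeration() -> tuple:
    """Weak handler distinguishes real from unknown users; hardened one does not."""
    weak, hard = WeakLockout(), HardenedLockout()
    return (weak.login("alice", "x", "d"), weak.login("bob", "x", "d"),
            hard.login("alice", "x", "d"), hard.login("bob", "x", "d"))


def demo_hardened_lockout() -> tuple:
    """Case/whitespace variants share one counter; once locked, even the right password fails."""
    hard = HardenedLockout()
    before = hard.login("alice", "correct-horse", "dev-1")
    for _ in range(MAX_FAILURES):
        hard.login("Alice ", "guess", "dev-1")
    after = hard.login("alice", "correct-horse", "dev-2")
    return before, after


if __name__ == "__main__":
    print(demo_reset_by_device_id())
    print(demo_enumeration())
    print(demo_hardened_lockout())
```

When reviewing a real vault's lockout code, the questions the example turns into checks are: what exactly is the counter keyed on, can any client-controlled field or input normalisation mismatch produce a fresh key, and does any response (string, status code, or timing) differ between an unknown account, a locked account, and a wrong password.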