The vulnerability, tracked as CVE-2025-1724, affects all Windows builds prior to 6130 and was patched on March 11, 2025. It specifically affects the Active Directory (AD) authentication flow in Windows-based installations that do not have AD Single Sign-On (SSO) enabled. The flaw was discovered and responsibly disclosed by security researcher Muhammed Mekkawy through ManageEngine's Bug Bounty program.

During analysis, security experts determined that the vulnerability could be exploited to intercept and manipulate authentication processes, potentially leading to complete account takeover. The flaw allows attackers to potentially capture and replay authentication tokens, effectively impersonating legitimate users without requiring their credentials; it thereby compromises the authentication boundary that segregates user accounts. Successful exploitation could enable attackers to gain unauthorized access to sensitive data analytics dashboards, reports, and underlying data sources connected to the platform.

ManageEngine has addressed this vulnerability in build 6130, released on March 11, 2025. This remediation prevents the interception and manipulation of authentication data that made the vulnerability exploitable. Security teams are urged to update affected systems immediately to mitigate the risk of account takeovers.
This Cyber News was published on cybersecuritynews.com. Publication date: Mon, 17 Mar 2025 13:45:05 +0000