Siemens Mendix OIDC SSO
Low Risk (CVSS 2.2) · ICS-CERT ICSA-25-135-15 · May 13, 2025
Attack Vector: Network
Auth Required: High
Complexity: High
User Interaction: None needed
Summary
The Mendix OIDC SSO module has a privilege misuse vulnerability where read and write access to authentication tokens is controlled by access rules that could be modified by an adversary with administrative access during Mendix development. By default, only the Administrator role can read/write tokens, but an attacker with development environment access could change these access rules to grant themselves token manipulation capabilities. This could allow token forgery and user impersonation within applications relying on this SSO module.
What this means
What could happen
An attacker with administrative access to the Mendix development environment could modify the OIDC SSO module to grant themselves read/write access to authentication tokens, potentially allowing them to forge tokens and impersonate other users within applications that rely on this single sign-on system.
Who's at risk
Organizations running Mendix applications with OIDC SSO for authentication, particularly those using Mendix versions 9 or 10. This affects IT teams managing single sign-on infrastructure and development teams working with the Mendix platform.
How it could be exploited
An attacker must first gain administrative credentials or access to the Mendix development environment, then modify the OIDC.Token entity access rules to bypass the default administrator-only restriction. The attacker could then extract or manipulate tokens to impersonate users in dependent applications.
Prerequisites
- Administrative access to Mendix development environment
- Ability to modify module access control rules during development
- Knowledge of Mendix OIDC SSO module structure
- Requires administrative access
- High attack complexity
- Low CVSS score (2.2)
- No active exploitation reported
- Development-time vulnerability
Exploitability
Low exploit probability (EPSS 0.1%)
Affected products (3)
3 with fix
Product | Affected Versions | Fix Status
Mendix OIDC SSO (Mendix 10 compatible) | < 4.1.0 | 4.1.0
Mendix OIDC SSO (Mendix 10.12 compatible) | < 4.0.1 | 4.0.1
Mendix OIDC SSO (Mendix 9 compatible) | < 3.3.0 | 3.3.0
Remediation & Mitigation
Schedule — requires maintenance window
Patching may require device reboot — plan for process interruption
Mendix OIDC SSO (Mendix 10 compatible)
HOTFIX: Update Mendix OIDC SSO (Mendix 10 compatible) to version 4.1.0 or later
Mendix OIDC SSO (Mendix 10.12 compatible)
HOTFIX: Update Mendix OIDC SSO (Mendix 10.12 compatible) to version 4.0.1 or later
Mendix OIDC SSO (Mendix 9 compatible)
HOTFIX: Update Mendix OIDC SSO (Mendix 9 compatible) to version 3.3.0 if available for your environment
Long-term hardening
HARDENING: Verify that the OIDC.Token entity access rules restrict read/write permissions to the Administrator role only; customize roles if administrative tasks require separation of duties
HARDENING: Limit administrative access to the Mendix development environment through credential management and role-based access controls
CVEs (1)
API:
/api/v1/advisories/a1b09bbc-1c48-4a78-b662-f6296c0cd879