OTPulse

Account Hijacking Vulnerability in Mendix SAML Module

CVSS Score: 8.7
Siemens Advisory: SSA-395458
Published: Aug 14, 2025
Attack Vector: Network
Auth Required: None
Complexity: High
User Interaction: None needed
Summary

The Mendix SAML module contains a vulnerability that allows unauthenticated remote attackers to hijack user accounts in specific SSO (Single Sign-On) configurations. The vulnerability affects the Mendix SAML module across the versions compatible with several Mendix releases. Siemens has released patched versions for all affected product lines.

What this means
What could happen
An attacker could gain unauthorized access to user accounts without credentials, potentially allowing them to impersonate operators and manipulate industrial applications or data through compromised SSO authentication.
Who's at risk
This affects organizations using Mendix applications with SAML-based SSO for operator access and system authentication. Any facility relying on Mendix for supervisory control, data management, or operator authentication should prioritize patching. This includes water utilities, electric utilities, manufacturing facilities, and other enterprises using Mendix as part of their control system or operational application stack.
How it could be exploited
An attacker sends a malicious request to the Mendix SAML module during the SSO authentication handshake. By exploiting a flaw in SAML token validation, the attacker can bypass authentication and assume the identity of a legitimate user without providing valid credentials.
Prerequisites
  • Network access to the Mendix application SAML endpoint
  • Mendix SAML module in use for SSO authentication
  • Vulnerable SAML module version deployed (< 3.6.21, < 4.0.3, or < 4.1.2 depending on Mendix version)
Key characteristics
  • Remotely exploitable
  • No authentication required
  • Account takeover capability
  • Affects access control to operational applications
  • High CVSS score (8.7)
Exploitability
Low exploit probability (EPSS 0.0%)
Affected products (3)
3 with fix
Product                               | Affected Versions | Fix Status
Mendix SAML (Mendix 9.24 compatible)  | < 3.6.21          | 3.6.21
Mendix SAML (Mendix 10.12 compatible) | < 4.0.3           | 4.0.3
Mendix SAML (Mendix 10.21 compatible) | < 4.1.2           | 4.1.2
Remediation & Mitigation
Schedule — requires maintenance window

Patching may require device reboot — plan for process interruption

  • HOTFIX: Update the Mendix SAML module compatible with Mendix 9.24 to version 3.6.21 or later
  • HOTFIX: Update the Mendix SAML module compatible with Mendix 10.12 to version 4.0.3 or later
  • HOTFIX: Update the Mendix SAML module compatible with Mendix 10.21 to version 4.1.2 or later
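As an added example (not OTPulse, Siemens or Mendix code), a small triage script that applies the fixed-version table above to an inventory of installed SAML module versions, so an operator can see which applications still need the hotfix. The inventory entries are constructed sample data, and versions on lines the advisory does not list are assumed not affected.

```python
"""Triage installed Mendix SAML module versions against SSA-395458.

Added example, not vendor code. Fixed versions come from the advisory
table; the inventory below is constructed sample data.
"""

# Fixed version per Mendix compatibility line, keyed by version prefix.
# A module whose version is below the fix on its own line is affected.
FIXED_VERSIONS = {
    (3,): (3, 6, 21),     # Mendix 9.24 compatible line  (< 3.6.21 affected)
    (4, 0): (4, 0, 3),    # Mendix 10.12 compatible line (< 4.0.3 affected)
    (4, 1): (4, 1, 2),    # Mendix 10.21 compatible line (< 4.1.2 affected)
}


def parse_version(text):
    """'3.6.20' -> (3, 6, 20); raises ValueError on malformed input."""
    parts = tuple(int(p) for p in text.strip().split("."))
    if len(parts) != 3:
        raise ValueError(f"expected MAJOR.MINOR.PATCH, got {text!r}")
    return parts


def is_affected(version_text):
    """True if the module version is below the fix on its compatibility line.

    Assumption: lines not listed in the advisory (e.g. 4.2.x or 5.x) are
    treated as not affected, since the page lists only the three above.
    """
    version = parse_version(version_text)
    for prefix, fixed in FIXED_VERSIONS.items():
        if version[:len(prefix)] == prefix:
            return version < fixed
    return False


def triage(inventory):
    """Map app name -> (version, affected) for a list of (app, version)."""
    return {app: (ver, is_affected(ver)) for app, ver in inventory}


if __name__ == "__main__":
    # Constructed sample inventory; not real hosts or applications.
    sample = [("water-scada-portal", "3.6.20"), ("hmi-dashboard", "4.0.3"),
              ("maint-app", "4.1.1"), ("new-app", "4.1.2")]
    for app, (ver, hit) in triage(sample).items():
        print(f"{app:20s} {ver:8s} {'AFFECTED' if hit else 'ok'}")
```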