Skip to main content

epa4all-client CVE-2026-45575

HIGH
Improper Verification of Cryptographic Signature (CWE-347)
2026-05-15 https://github.com/oviva-ag/epa4all-client GHSA-gqx7-6552-67hf
7.4
CVSS 3.1 · GitHub Advisory
Share

Severity by source

GitHub Advisory PRIMARY
7.4 HIGH
AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

Primary rating from GitHub Advisory · only source for this CVE.

CVSS VectorGitHub Advisory

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
Attack Vector
Network
Attack Complexity
High
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
None

Lifecycle Timeline

2
Source Code Evidence Fetched
May 15, 2026 - 19:31 vuln.today
Analysis Generated
May 15, 2026 - 19:31 vuln.today

Blast Radius

ecosystem impact
† from your stack dependencies † transitive graph · vuln.today resolves 4-path depth
  • 1 maven packages depend on com.oviva.telematik:epa4all-client (1 direct, 0 indirect)

Ecosystem-wide dependent count for version 1.2.2.

DescriptionGitHub Advisory

Impact

An attacker who can MITM the TLS connection between the client and the IDP (within the TI network) can substitute a forged discovery document. The forged document redirects u ri_puk_idp_enc and uri_puk_idp_sig to attacker-controlled URLs. The client then encrypts the SMC-B-signed challenge response to the attacker's encryption key and POSTs it to the attacker's auth endpoint. This captures the signed authentication material.

Patches

#36

Workarounds

None.

Resources

  • MS-OVIVA-EPA4ALL-d453c1

Credits

Machine Spirits ([contact@machinespirits.de](mailto:contact@machinespirits.de))

  • Dr. rer. nat. Simon Weber
  • Dipl.-Inf. Volker Schönefeld
  • Chiara Fliegner

AnalysisAI

Authentication bypass in epa4all-client allows MITM attackers positioned within the TI (Telematikinfrastruktur) network to capture SMC-B-signed authentication material by substituting a forged OIDC discovery document. The vulnerability affects all versions prior to 1.2.2 and requires the attacker to intercept TLS connections between the client and Identity Provider. No public exploit identified at time of analysis.

Technical ContextAI

The epa4all-client is a Java library (Maven package com.oviva.telematik:epa4all-client) used in Germany's healthcare telematics infrastructure for electronic patient records (ePA). The vulnerability stems from improper verification of cryptographic signatures (CWE-347) in OIDC discovery documents. During authentication, the client fetches a discovery document that specifies encryption and signature verification endpoints. Without proper validation of the document's authenticity, an attacker can redirect uri_puk_idp_enc and uri_puk_idp_sig to attacker-controlled URLs, causing the client to encrypt sensitive authentication responses using the attacker's public key.

RemediationAI

Vendor-released patch: upgrade to epa4all-client version 1.2.2 or later. The fix is available through standard Maven dependency updates. Technical details of the patch can be reviewed at https://github.com/oviva-ag/epa4all-client/pull/36. The vendor explicitly states no workarounds are available, making immediate patching the only remediation option. Organizations unable to patch immediately should monitor for suspicious authentication patterns and consider enhanced network segmentation within the TI infrastructure to limit potential MITM positions.

CVE-2013-3900 MEDIUM
5.5 Dec 11

Why is Microsoft republishing a CVE from 2013? We are republishing CVE-2013-3900 in the Security Update Guide to update

CVE-2026-48558 CRITICAL POC
9.5 Jun 12

Authentication bypass in SimpleHelp 5.5.15 and prior (plus 6.0 pre-release builds) allows remote unauthenticated attacke

CVE-2025-59718 CRITICAL
9.8 Dec 09

Authentication bypass in Fortinet FortiOS, FortiProxy, and FortiSwitchManager allows unauthenticated remote attackers to

CVE-2025-25291 CRITICAL POC
9.3 Mar 12

ruby-saml provides security assertion markup language (SAML) single sign-on (SSO) for Ruby. Rated critical severity (CVS

CVE-2025-25292 CRITICAL POC
9.3 Mar 12

ruby-saml provides security assertion markup language (SAML) single sign-on (SSO) for Ruby. Rated critical severity (CVS

CVE-2022-25898 CRITICAL POC
9.8 Jul 01

The package jsrsasign before 10.5.25 are vulnerable to Improper Verification of Cryptographic Signature when JWS or JWT

CVE-2024-42004 CRITICAL POC
9.8 Dec 18

A library injection vulnerability exists in Microsoft Teams (work or school) 24046.2813.2770.1094 for macOS. Rated criti

CVE-2024-41145 CRITICAL POC
9.8 Dec 18

A library injection vulnerability exists in the WebView.app helper app of Microsoft Teams (work or school) 24046.2813.27

CVE-2024-41138 CRITICAL POC
9.8 Dec 18

A library injection vulnerability exists in the com.microsoft.teams2.modulehost.app helper app of Microsoft Teams (work

CVE-2024-45409 CRITICAL POC
9.8 Sep 10

The Ruby SAML library is for implementing the client side of a SAML authorization. Rated critical severity (CVSS 9.8), t

CVE-2022-35929 CRITICAL POC
9.8 Aug 04

cosign is a container signing and verification utility. Rated critical severity (CVSS 9.8), this vulnerability is remote

CVE-2022-31053 CRITICAL POC
9.8 Jun 13

Biscuit is an authentication and authorization token for microservices architectures. Rated critical severity (CVSS 9.8)

Share

CVE-2026-45575 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy