Severity by source
AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N
Network-reachable endpoint, but AC:H captures the rare cross-service topology prerequisite; PR:L because attacker must be authenticated to a co-tenant service on the shared IdP.
Primary rating from Vendor (https://github.com/zitadel/zitadel).
CVSS VectorVendor: https://github.com/zitadel/zitadel
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N
Lifecycle Timeline
3DescriptionCVE.org
Summary
An authentication bypass vulnerability was discovered in ZITADEL's external JWT Identity Provider (IdP) implementation.
When validating JSON Web Tokens (JWTs) from an external provider, ZITADEL properly checks the token's cryptographic signature and issuer (iss), but it fails to validate the audience (aud) claim.
As a result, any validly signed token from the trusted issuer will be accepted. An attacker who is a legitimate user of a completely separate service sharing the same enterprise Identity Provider can intercept or present their token for that service to ZITADEL, successfully authenticating as that user without authorization.
Impact
In a controlled enterprise environment where Identity Providers are explicitly managed, the operational risk is localized. Exploitation requires that an attacker already possesses a valid standard user session token from a shared, trusted issuer intended for an entirely different relying party, limiting the vector to specific, rare cross-service setups where trust boundaries overlap.
Affected Versions
Systems running one of the following versions are affected:
- 4.x:
4.0.0through4.11.0(including RC versions) - 3.x:
3.0.0through3.4.11(including RC versions)
Patches
The vulnerability has been addressed in the latest releases, where a required audience can be set in the IdP configuration. Once provided, audience validation will be enforced.
Workarounds
The recommended solution is to update ZITADEL to a patched version.
If an immediate upgrade is not possible, you can mitigate the risk at the infrastructure layer:
- At the IdP: Ensure the external Identity Provider issues scoped tokens with highly unique, non-overlapping audience values that cannot be misconstrued by separate service deployments.
- At the Perimeter: Deploy a reverse proxy, API gateway, or Web Application Firewall (WAF) layer in front of ZITADEL to inspect incoming identity tokens and explicitly drop requests where the
audfield does not strictly match ZITADEL's deployment target.
Questions
If you have any questions or comments about this advisory, please email us at [security@zitadel.com](mailto:security@zitadel.com)
Credits
Thanks to Android-Login-Analysis, Jason Zhou and Pedro Giglioti for reporting this vulnerability.
AnalysisAI
Authentication bypass in ZITADEL's external JWT Identity Provider allows a legitimate user of a co-tenant service sharing the same enterprise IdP to authenticate to ZITADEL using a token issued for a different relying party. Affected versions span ZITADEL 3.0.0-3.4.11 and 4.0.0-4.11.0; the flaw arises because ZITADEL correctly validates the JWT cryptographic signature and iss claim but entirely omits validation of the aud claim, violating RFC 7519 audience binding semantics. …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | The external JWT Identity Provider feature in ZITADEL must be configured and in active use - this is a non-default integration requiring an administrator to have explicitly set up a JWT IdP pointing to a trusted external issuer. … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | The CVSS 3.1 vector AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N yields a score of 4.2, which accurately reflects the constrained real-world risk: while the flaw is network-reachable, the high attack complexity (AC:H) captures the rare cross-service topology prerequisite, and PR:L reflects that the attacker must already be an authenticated user of another service on the shared IdP. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | An attacker who is a legitimate authenticated employee using an internal HR portal that shares a corporate Identity Provider with a ZITADEL instance obtains their own valid, unexpired JWT issued for the HR portal. The attacker presents this token directly to ZITADEL's JWT IdP authentication endpoint; ZITADEL validates the cryptographic signature and confirms the trusted issuer matches, but never checks that the `aud` claim identifies ZITADEL as the intended recipient, so it authenticates the attacker as that employee within ZITADEL and grants them the corresponding role-based access. … |
| Remediation | Vendor-released patches are available: upgrade ZITADEL 3.x deployments to version 3.4.12 or later (https://github.com/zitadel/zitadel/releases/tag/v3.4.12) and ZITADEL 4.x deployments to version 4.15.2 or later (https://github.com/zitadel/zitadel/releases/tag/v4.15.2). … Detailed patch versions, workarounds, and compensating controls in full report. |
Threat intelligence, references, and detailed analysis are available after sign-in.
Same weakness CWE-346 – Origin Validation Error
View allSame technique Authentication Bypass
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-42958
GHSA-g5h5-m4hm-xjrr