Insecure Direct Object Reference Vulnerability in Zitadel Identity Infrastructure Software
CVE-2025-27507

Score: 9 (CRITICAL)

Key Information:

Vendor: Zitadel
Status: Vendor
CVE Published: 4 March 2025

What is CVE-2025-27507?

CVE-2025-27507 is a critical vulnerability in Zitadel Identity Infrastructure Software, an open-source solution for managing user identity and access. It allows authenticated users who lack the required identity and access management (IAM) roles to modify sensitive settings. The issue stems from Insecure Direct Object Reference (IDOR) flaws in the application's Admin API, which can undermine an organization's security posture by exposing sensitive configurations, in particular those associated with LDAP settings, to unauthorized change.

Technical Details

CVE-2025-27507 affects the Admin API of Zitadel Identity Infrastructure Software, where several endpoints exhibit IDOR vulnerabilities. The greatest risk falls on organizations that use LDAP for authentication, because the vulnerability lets authenticated users without the proper permissions alter critical LDAP configurations. The flaw arises because the application fails to enforce access controls on these endpoints adequately, so users can manipulate configuration settings that should be restricted to privileged roles.

Zitadel has issued fixes for this vulnerability in several patched versions: 2.71.0, 2.70.1, 2.69.4, 2.68.4, 2.67.8, 2.66.11, 2.65.6, 2.64.5, and 2.63.8. Organizations are strongly encouraged to upgrade to these versions to mitigate the associated risks.
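The pattern behind the flaw, shown as an added illustration that is not Zitadel's own code: the vulnerable handler verifies only that the caller is authenticated, while the fixed handler also requires an instance-level IAM role before writing the LDAP configuration. The `Caller` and `LDAPConfig` types and the role name `IAM_OWNER` are assumptions made for this example.

```go
package main

import (
	"errors"
	"fmt"
)

// Caller is an authenticated Admin API principal and its instance-level IAM
// roles (illustrative model for this example, not Zitadel's own types).
type Caller struct {
	Roles map[string]bool
}

// LDAPConfig stands in for the sensitive LDAP settings the advisory names.
type LDAPConfig struct {
	BindDN string
}

var ErrUnauthenticated = errors.New("unauthenticated")
var ErrPermissionDenied = errors.New("permission denied")
// requiredRole is an assumption for this example: the instance-level role
// that must gate changes to LDAP identity-provider settings.
const requiredRole = "IAM_OWNER"
// updateLDAPVulnerable reproduces the flaw pattern the advisory describes: it
// checks that a caller is logged in but never consults their roles.
func updateLDAPVulnerable(c *Caller, store *LDAPConfig, next LDAPConfig) error {
	if c == nil {
		return ErrUnauthenticated
	}
	*store = next // any authenticated user can overwrite the configuration
	return nil
}

// updateLDAPFixed adds the missing authorization step before the write:
// authentication alone is not enough, the caller must hold requiredRole.
func updateLDAPFixed(c *Caller, store *LDAPConfig, next LDAPConfig) error {
	if c == nil {
		return ErrUnauthenticated
	}
	if !c.Roles[requiredRole] {
		return fmt.Errorf("%w: caller lacks role %s", ErrPermissionDenied, requiredRole)
	}
	*store = next
	return nil
}

func main() {
	user, cfg := &Caller{Roles: map[string]bool{}}, LDAPConfig{} // logged in, no IAM role
	fmt.Println(updateLDAPVulnerable(user, &cfg, LDAPConfig{BindDN: "cn=svc"}), updateLDAPFixed(user, &cfg, LDAPConfig{BindDN: "cn=svc"}))
}
```

Running it prints `<nil>` for the vulnerable path (the write went through) and a permission-denied error for the fixed path.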

Potential impact of CVE-2025-27507

  1. Unauthorized Configuration Changes: The vulnerability allows a malicious or unprivileged authenticated user to modify critical settings, which can lead to unauthorized access to user data and potentially sensitive resources within the organization.

  2. LDAP Manipulation Risks: For organizations using LDAP, the missing access control on these configurations could let attackers obtain user credentials and other sensitive information, leading to potential data breaches.

  3. Increased Attack Surface: The presence of this vulnerability can increase an organization's exposure to further attacks, as it may facilitate lateral movement within the network, allowing attackers to leverage altered configurations to further compromise other systems.

Affected Version(s)

Package   Affected range              Unaffected       Fixed in
zitadel   >= 2.63.0-rc.1, < 2.63.8    < 2.63.0-rc.1    2.63.8
zitadel   >= 2.64.0-rc.1, < 2.64.5    < 2.64.0-rc.1    2.64.5
zitadel   >= 2.66.0-rc.1, < 2.66.11   < 2.66.0-rc.1    2.66.11

CVSS V3.1

Score: 9
Severity: CRITICAL
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Network
Attack Complexity: Low
Privileges Required: High
User Interaction: None
Scope: Changed
