SB2026050537 - Incorrect authorization in Webauthn Framework



SB2026050537 - Incorrect authorization in Webauthn Framework

Published: May 5, 2026

Security Bulletin ID SB2026050537
CSH Severity
Low
Patch available
YES
Number of vulnerabilities 1
Exploitation vector Physical access
Highest impact Data manipulation

Breakdown by Severity

Low 100%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 1 vulnerability.


1) Incorrect authorization (CVE-ID: N/A)

CWE-ID: CWE-863 - Incorrect Authorization

CVSSv4: CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear


The vulnerability allows an attacker with physical access to bypass user verification requirements.

The vulnerability exists due to incorrect authorization in Webauthn\Bundle\Policy\ClientOverridePolicy and the request options builders when processing client-supplied userVerification overrides in assertion or attestation options requests. An attacker with physical access can supply a crafted userVerification value to bypass user verification requirements.

User interaction is required, and exploitation requires possession of the victim's authenticator or an unlocked device.


Remediation

Install update from vendor's website.