Three critical vulnerabilities have been identified in the PAM-PKCS#11 module, a widely used Linux-PAM login module that facilitates X.509 certificate-based user authentication. These vulnerabilities, cataloged under CVE-2025-24032, CVE-2025-24531, and CVE-2025-24031, pose significant risks by allowing attackers to bypass authentication mechanisms, potentially leading to unauthorized access and system disruptions. CVE-2025-24032 – Authentication Bypass via Token Hijacking […]
The post Linux X.509 Certificate-Based User Login Flaws Let Attackers Bypass Authentication appeared first on Cyber Security News.
This article has been indexed from Cyber Security News