14 matches found
CVE-2026-34397 himmelblau: NSS fake-primary group lookup reintroduces name collision risk
Himmelblau is an interoperability suite for Microsoft Azure Entra ID and Intune. From versions 2.0.0-alpha to before 2.3.9 and 3.0.0-alpha to before 3.1.1, there is a conditional local privilege escalation vulnerability in an edge-case naming collision. Only authenticated himmelblau users whose...
EUVD-2025-17031
Malicious code in bioql PyPI...
CVE-2025-59044 Himmelblau vulnerable to GID collision via group name-derived mapping (privilege escalation)
Himmelblau is an interoperability suite for Microsoft Azure Entra ID and Intune. Himmelblau 0.9.x derives numeric GIDs for Entra ID groups from the group display name when himmelblau.conf idattrmap = name the default configuration. Because Microsoft Entra ID allows multiple groups with the same...
CVE-2025-59044
CVE-2025-59044 affects Himmelblau 0.9.x, where group-to-GID mapping derives numeric GIDs from Entra ID group displayName when id_attr_map = name. This can cause distinct groups sharing a displayName to collapse to the same GID on Linux, enabling privilege escalation if access is controlled by num...
CVE-2025-54882 Himmelblau's Kerberos credential cache collection is world readable
Himmelblau is an interoperability suite for Microsoft Azure Entra ID and Intune. In versions 0.8.0 through 0.9.21 and 1.0.0-beta through 1.1.0, Himmelblau stores the cloud TGT received during logon in the Kerberos credential cache. The created credential cache collection and received credentials...
CVE-2025-53013
Himmelblau is an interoperability suite for Microsoft Azure Entra ID and Intune. A vulnerability present in versions 0.9.10 through 0.9.16 allows a user to authenticate to a Linux host via Himmelblau using an invalid Linux Hello PIN, provided the host is offline. While the user gains access to th...
CVE-2025-53013
Summary (CVE-2025-53013, Himmelblau) : Versions 0.9.10–0.9.16 allow offline authentication to a Linux host via Himmelblau using an invalid Linux Hello PIN. The root cause is an incorrect handling in acquire_token_by_hello_for_business_key: offline, a TPMFail is expected for an invalid key, but a ...
CVE-2025-53013 Himmelblau offline auth permits authentication with invalid Hello PIN
Himmelblau is an interoperability suite for Microsoft Azure Entra ID and Intune. A vulnerability present in versions 0.9.10 through 0.9.16 allows a user to authenticate to a Linux host via Himmelblau using an invalid Linux Hello PIN, provided the host is offline. While the user gains access to th...
PT-2025-27005
Name of the Vulnerable Software and Affected Versions: Himmelblau versions 0.9.10 through 0.9.16 Description: A vulnerability in Himmelblau allows a user to authenticate to a Linux host using an invalid Linux Hello PIN when the host is offline. This issue arises from an incorrect assumption in th...
CVE-2025-49012
Himmelblau is an interoperability suite for Microsoft Azure Entra ID and Intune. Himmelblau versions 0.9.0 through 0.9.14 and 1.00-alpha are vulnerable to a privilege escalation issue when Entra ID group-based access restrictions are configured using group display names instead of object IDs...
CVE-2025-49012 Himmelblau's Name-Based Group Matching in `pam_allow_groups` Leads to Potential Security Bypass
Himmelblau is an interoperability suite for Microsoft Azure Entra ID and Intune. Himmelblau versions 0.9.0 through 0.9.14 and 1.00-alpha are vulnerable to a privilege escalation issue when Entra ID group-based access restrictions are configured using group display names instead of object IDs...
PT-2025-23984 · Microsoft +1 · Azure Entra Id +2
Name of the Vulnerable Software and Affected Versions: Himmelblau versions 0.9.0 through 0.9.14 Himmelblau version 1.00-alpha Description: Himmelblau is an interoperability suite for Microsoft Azure Entra ID and Intune. The issue arises when Entra ID group-based access restrictions are configured...
CVE-2025-24034
Himmelblau is an interoperability suite for Microsoft Azure Entra ID and Intune. Starting in version 0.7.0 and prior to versions 0.7.15 and 0.8.3, Himmelblau is vulnerable to leaking credentials in debug logs. When debug logging is enabled, user access tokens are inadvertently logged, potentially...
CVE-2025-24034 Himmelblau leaks credentials in the debug log
Himmelblau is an interoperability suite for Microsoft Azure Entra ID and Intune. Starting in version 0.7.0 and prior to versions 0.7.15 and 0.8.3, Himmelblau is vulnerable to leaking credentials in debug logs. When debug logging is enabled, user access tokens are inadvertently logged, potentially...