StrongKey FIDO Server Passkey Authentication Bypass Vulnerability
Vulnerability
A vulnerability exists in StrongKey FIDO Server versions prior to 4.15.1, where the server incorrectly treats non-discoverable credential flows as discoverable. This flaw allows an attacker to bypass authentication and gain access to any user's account by exploiting the non-discoverable credential authentication process.
Impact
Exploitation of this vulnerability allows for unauthorized access to user accounts by bypassing the intended authentication process for non-discoverable credentials.
Reproduction
To reproduce this vulnerability, first install StrongKey FIDO Server version 4.15.0 or earlier. Register two users: an attacker and a victim. Initiate the preauthentication process for the victim user, which will return a challenge and the victim's credential ID. Intercept this response and replace the credential ID with that of the attacker. After sending the modified request, authenticate using the attacker's passkey. This will successfully log into the victim's account, demonstrating the authentication bypass.
Remediation
Users are advised to update StrongKey FIDO Server to version 4.15.1.
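As an added illustration (not StrongKey's code, which this page does not show), the following Python model of a relying party demonstrates the class of server-side check that separates a non-discoverable flow from a discoverable one: the credential named in the assertion must be one of those the server offered in allowCredentials for the user the challenge was issued to, not merely any registered credential that can sign the challenge. The credential store, usernames, session handling and the HMAC stand-in for the WebAuthn assertion signature are all constructed assumptions made for this example.

```python
import hashlib
import hmac
import secrets
from dataclasses import dataclass


# Constructed credential store: credential ID -> owner and signing key.
# A real FIDO2 server stores a public key and verifies the authenticator's
# assertion signature; an HMAC over the challenge stands in for that here.
@dataclass
class Credential:
    username: str
    key: bytes


@dataclass
class Session:
    username: str            # user the preauthentication was started for
    challenge: bytes
    allow_credentials: set   # credential IDs sent as allowCredentials


def sign(key: bytes, challenge: bytes) -> bytes:
    """Stand-in for the authenticator signing the server challenge."""
    return hmac.new(key, challenge, hashlib.sha256).digest()


class RelyingParty:
    def __init__(self, credentials: dict, enforce_allow_list: bool):
        self.credentials = credentials
        self.enforce_allow_list = enforce_allow_list
        self.sessions = {}

    def preauthenticate(self, username: str):
        """Non-discoverable flow: the caller names the user up front."""
        challenge = secrets.token_bytes(32)
        allowed = {cid for cid, c in self.credentials.items() if c.username == username}
        session_id = secrets.token_hex(16)
        self.sessions[session_id] = Session(username, challenge, allowed)
        return session_id, challenge, allowed

    def authenticate(self, session_id: str, credential_id: bytes, signature: bytes):
        """Return the authenticated username, or None on failure."""
        session = self.sessions.pop(session_id, None)  # one use per challenge
        if session is None:
            return None
        cred = self.credentials.get(credential_id)
        if cred is None:
            return None
        # The check that closes the flaw: in a non-discoverable flow the
        # credential must belong to the user this session was issued for.
        # Without it, the server behaves as in a discoverable flow and accepts
        # any registered credential that can sign the challenge.
        if self.enforce_allow_list and credential_id not in session.allow_credentials:
            return None
        if not hmac.compare_digest(sign(cred.key, session.challenge), signature):
            return None
        return session.username


def build_rp(enforce_allow_list: bool) -> RelyingParty:
    store = {
        b"cred-victim": Credential("victim", b"victim-authenticator-key"),
        b"cred-attacker": Credential("attacker", b"attacker-authenticator-key"),
    }
    return RelyingParty(store, enforce_allow_list)


def honest_login(enforce_allow_list: bool):
    """The victim signs the victim's challenge with the victim's credential."""
    rp = build_rp(enforce_allow_list)
    sid, challenge, _ = rp.preauthenticate("victim")
    sig = sign(rp.credentials[b"cred-victim"].key, challenge)
    return rp.authenticate(sid, b"cred-victim", sig)


def credential_swap(enforce_allow_list: bool):
    """The scenario from the advisory: the response's credential ID is replaced
    with the attacker's and the attacker's authenticator signs the challenge."""
    rp = build_rp(enforce_allow_list)
    sid, challenge, _ = rp.preauthenticate("victim")
    sig = sign(rp.credentials[b"cred-attacker"].key, challenge)
    return rp.authenticate(sid, b"cred-attacker", sig)


if __name__ == "__main__":
    print("vulnerable server, swapped credential ->", credential_swap(False))
    print("patched server,    swapped credential ->", credential_swap(True))
    print("patched server,    honest login       ->", honest_login(True))
```

With the allow-list check disabled the swapped credential yields a session for "victim", which is the bypass the advisory describes; with it enabled the same assertion is rejected while a legitimate login still succeeds. Equivalent defences are to compare the credential's owner against the session's user directly, or to look the credential up only within that user's registered credentials rather than in a global table.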
