How ZeroPath Works
Back to Blog

Brief Summary of CVE-2025-40758: SAML Signature Validation Flaw in Siemens Mendix SAML Module

A brief summary of CVE-2025-40758, a high-severity SAML signature validation vulnerability affecting Siemens Mendix SAML modules prior to V3.6.21 (Mendix 9.24), V4.0.3 (Mendix 10.12), and V4.1.2 (Mendix 10.21). This post outlines affected versions, technical details, and vendor security history based on available information.
CVE Analysis

7 min read

ZeroPath CVE Analysis

ZeroPath CVE Analysis

2025-08-14

Brief Summary of CVE-2025-40758: SAML Signature Validation Flaw in Siemens Mendix SAML Module
Experimental AI-Generated Content

This CVE analysis is an experimental publication that is completely AI-generated. The content may contain errors or inaccuracies and is subject to change as more information becomes available. We are continuously refining our process.

If you have feedback, questions, or notice any errors, please reach out to us.

[email protected]

Introduction

Account hijacking in enterprise Single Sign On environments can lead to unauthorized access to sensitive business applications and data. A recent vulnerability in the Siemens Mendix SAML module (CVE-2025-40758) exposes organizations to this risk by allowing attackers to bypass signature validation in SAML authentication flows.

Siemens is a global leader in industrial automation and digitalization, with Mendix as its flagship low-code application platform. Mendix is widely used in critical infrastructure sectors, making vulnerabilities in its authentication modules particularly impactful for large enterprises and public sector organizations.

Technical Information

CVE-2025-40758 is a flaw in the Mendix SAML module's enforcement of signature validation and binding checks. Specifically, the module does not sufficiently verify the cryptographic signature on SAML assertions or responses. This improper verification, categorized as CWE-347, allows an unauthenticated remote attacker to craft SAML messages that bypass signature validation. In vulnerable SSO configurations, this can result in full account hijacking without any user interaction.

The vulnerability is present in the core SAML authentication logic and affects all Mendix SAML modules prior to the fixed versions. The attack surface includes any network-accessible SAML endpoints configured for SSO. No user interaction is required for exploitation, and the flaw is remotely exploitable. No public code snippets or PoC are available for this issue.

Affected Systems and Versions

  • Mendix SAML (Mendix 9.24 compatible): All versions before V3.6.21
  • Mendix SAML (Mendix 10.12 compatible): All versions before V4.0.3
  • Mendix SAML (Mendix 10.21 compatible): All versions before V4.1.2

Vulnerable configurations include any SSO setup using the affected SAML modules.

Vendor Security History

Siemens Mendix SAML modules have previously been affected by similar authentication and signature validation vulnerabilities. For example, CVE-2023-25957 involved insufficient assertion verification and was rated with a high CVSS score. Siemens typically responds with advisories and patches via its ProductCERT process. However, the recurrence of SAML-related flaws suggests ongoing architectural and implementation challenges in this area.

References

Detect & fix
what others miss

Get startedBook a demo