
How Parser Differentials Led to a Major SAML SSO Authentication Bypass


Authentication Turned on Its Head

Imagine logging in as anyone you choose—simply by exploiting a flaw in how a system verifies SAML SSO responses. This became a reality thanks to a critical vulnerability in the ruby-saml library, where two XML parsers handled the same SAML response differently. Attackers could use a single valid signature to forge assertions, impersonate users, and potentially take over accounts.

Understanding the Roots: SAML, XML Signatures, and Parser Differences

SAML forms the backbone of federated authentication, letting identity providers hand signed assertions about authenticated users to service providers. Robust XML signature verification is therefore essential. Problems arise with parser differentials, where two XML parsers interpret the same bytes differently. In ruby-saml, REXML and Nokogiri parsed the same SAML document but located different elements, breaking the chain of trust in signature validation.

Uncovering the Vulnerability

Security researchers discovered this issue during a private bug bounty and code audit. By observing the signature verification process, they saw that ruby-saml switched between REXML and Nokogiri for handling different SAML assertion pieces. This allowed attackers to craft XML documents so each parser "saw" a different signature element, tricking the system into validating malicious assertions.

  • REXML validated the SignatureValue and DigestValue.
  • Nokogiri canonicalized and validated SignedInfo and the assertion content.

If the parsers disagreed on which elements they were reading, a valid signature from a benign assertion could be reused to forge assertions for any account.

Proof of Exploit and Real-World Impact

Researchers demonstrated that, by exploiting these parser inconsistencies, an attacker could authenticate as any user within a target organization using a single valid signature. This signature might be harvested during a legitimate login or sourced from public SAML metadata. The exploit hinged on creating SAML responses in which REXML and Nokogiri parsed different signature elements, effectively breaking the intended relationship between signature and assertion.

Fixes and Ongoing Lessons

  • Upgrade immediately: Users were urged to update ruby-saml to version 1.18.0, which addresses the vulnerability (CVE-2025-25291 and CVE-2025-25292).
  • Update dependencies: Libraries such as omniauth-saml must also be updated to pull in the patched ruby-saml.
  • Short-term workaround: Checking for Nokogiri parsing errors and rejecting documents that raise them blocks some attacks, but not all.

Completely removing one parser would provide a more robust fix, but backwards compatibility made this challenging in the short term. The core issue was the absence of a direct, enforceable link between the signed element, its hash, and the signature, allowing two parsers to interpret the same XML in conflicting ways.
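Added example, not ruby-saml's own code and not from the original post: a structural binding check written against Ruby's stdlib REXML only, which enforces the link the paragraph above describes, between the signed Assertion, the Reference that names it, and the single Signature enclosing it, using one parser before any cryptographic step. The `bound_assertion` name, the sample XML and the placeholder digest and signature values are constructed for illustration; canonicalization, digest and RSA verification are assumed to run afterwards and are not implemented here.

```ruby
require 'rexml/document'

DS   = 'http://www.w3.org/2000/09/xmldsig#'
SAML = 'urn:oasis:names:tc:SAML:2.0:assertion'
NS   = { 'ds' => DS, 'saml' => SAML }

# Structural binding check done entirely in ONE parser (REXML), before any
# cryptographic step. It ties the signed element, its Reference and its
# Signature together so there is one unambiguous view of "what was signed".
# Example code, not ruby-saml's own; c14n/digest/RSA checks are out of scope.
def bound_assertion(xml)
  doc  = REXML::Document.new(xml)
  sigs = REXML::XPath.match(doc, '//ds:Signature', NS)
  raise 'expected exactly one ds:Signature' unless sigs.size == 1
  sig  = sigs.first
  refs = REXML::XPath.match(sig, './ds:SignedInfo/ds:Reference', NS)
  raise 'expected exactly one ds:Reference' unless refs.size == 1
  m = refs.first.attributes['URI'].to_s.match(/\A#([A-Za-z_][\w.-]*)\z/)
  raise 'Reference URI must be a same-document #ID reference' unless m
  # The referenced ID must be unique in the whole document, so no second
  # element carrying the same ID can stand in for the signed one.
  owners = REXML::XPath.match(doc, "//*[@ID='#{m[1]}']")
  raise "ID #{m[1]} must identify exactly one element" unless owners.size == 1
  signed = owners.first
  unless signed.name == 'Assertion' && signed.namespace == SAML
    raise 'Reference must point at a saml:Assertion'
  end
  # Enveloped signature: the Signature must sit directly inside what it signs.
  raise 'Signature must be enveloped in the signed Assertion' unless sig.parent.equal?(signed)
  %w[DigestValue SignatureValue].each do |n|
    raise "expected exactly one ds:#{n}" unless REXML::XPath.match(sig, ".//ds:#{n}", NS).size == 1
  end
  signed
end

# Constructed samples (placeholder digest/signature values, not real crypto).
GOOD = <<~XML
  <saml:Assertion xmlns:saml="#{SAML}" ID="_a1">
    <saml:Subject><saml:NameID>alice</saml:NameID></saml:Subject>
    <ds:Signature xmlns:ds="#{DS}">
      <ds:SignedInfo><ds:Reference URI="#_a1"><ds:DigestValue>AAA=</ds:DigestValue></ds:Reference></ds:SignedInfo>
      <ds:SignatureValue>BBB=</ds:SignatureValue>
    </ds:Signature>
  </saml:Assertion>
XML
# Two elements share the referenced ID: the check must refuse to pick one.
DUP_ID = "<r><saml:Assertion xmlns:saml=\"#{SAML}\" ID=\"_a1\"/>#{GOOD}</r>"
```

The same uniqueness and enclosure rules would be applied to a signed Response as well, so that every trusted element has exactly one parser-independent answer to "which Signature covers it".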

What Developers and Security Teams Should Know

  • Avoid mixing XML parsers in critical security workflows unless their outputs are guaranteed to match.
  • Ensure that only validated data is trusted, and that your validation logic is airtight.
  • React quickly to security advisories and update dependencies without delay.
  • Support open source maintainers to help ensure prompt fixes and robust security.

Final Thoughts

This vulnerability highlights the complexity of implementing secure protocols like SAML. Subtle inconsistencies between XML parsers can have far-reaching, exploitable consequences. Adopting a single parsing approach and maintaining vigilant dependency management are crucial steps for safeguarding authentication systems.

Original Source

GitHub Security Blog: Sign in as anyone—bypassing SAML SSO authentication with parser differentials


Joshua Berkowitz May 12, 2025