Cybersecurity researchers have discovered over a dozen vulnerabilities in enterprise secure vaults from CyberArk and HashiCorp that, if successfully exploited, can allow remote attackers to crack open corporate identity systems and extract enterprise secrets and tokens from them.
The 14 vulnerabilities, collectively named Vault Fault, affect CyberArk Secrets Manager, Self-Hosted, and Conjur Open Source and HashiCorp Vault, according to a report from an identity security firm Cyata. Following responsible disclosure in May 2025, the flaws have been addressed in the following versions -
- CyberArk Secrets Manager and Self-Hosted 13.5.1 and 13.6.1
- CyberArk Conjur Open Source 1.22.1
- HashiCorp Vault Community Edition 1.20.2 or Vault Enterprise 1.20.2, 1.19.8, 1.18.13, and 1.16.24
These include authentication bypasses, impersonation, privilege escalation bugs, code execution pathways, and root token theft. The most severe of the issues allows for remote code execution, allowing attackers to takeover the vault under certain conditions without any valid credentials -
- CVE-2025-49827 (CVSS score: 9.1) - Bypass of IAM authenticator in CyberArk Secrets Manager
- CVE-2025-49831 (CVSS score: 9.1) - Bypass of IAM authenticator in CyberArk Secrets Manager via a misconfigured network device
- CVE-2025-49828 (CVSS score: 8.6) - Remote code execution in CyberArk Secrets Manager
- CVE-2025-6000 (CVSS score: 9.1) - Arbitrary remote code execution via plugin catalog abuse in HashiCorp Vault
- CVE-2025-5999 (CVSS score: 7.2) - Privilege escalation to root via policy normalization in HashiCorp Vault
In addition, vulnerabilities have also been discovered in HashiCorp Vault's lockout protection logic, which is designed to throttle brute-force attempts, that could permit an attacker to infer which usernames are valid by taking advantage of a timing-based side channel and even reset the lockout counter by changing the case of a known username (e.g., admin to Admin).
Two other shortcomings identified by the Israeli company made it possible to weaken lockout enforcement and bypass multi-factor authentication (MFA) controls when username_as_alias=true in the LDAP auth configuration and MFA enforcement is applied at the EntityID or IdentityGroup level.
In the attack chain detailed by the cybersecurity company, it's possible to leverage a certificate entity impersonation issue (CVE-2025-6037) with CVE-2025-5999 and CVE-2025-6000 to break the authentication layer, escalate privileges, and achieve code execution. CVE-2025-6037 and CVE-2025-6000 are said to have existed for over eight and nine years, respectively.
Armed with this capability, a threat actor could further weaponize the access to delete the "core/hsm/_barrier-unseal-keys" file, effectively turning a security feature into a ransomware vector. What's more, the Control Group feature can be undermined to send HTTP requests and receive responses without being audited, creating a stealthy communication channel.
"This research shows how authentication, policy enforcement, and plugin execution can all be subverted through logic bugs, without touching memory, triggering crashes, or breaking cryptography," security researcher Yarden Porat said.
In a similar vein, the vulnerabilities discovered in CyberArk Secrets Manager/Conjur allow for authentication bypass, privilege escalation, information disclosure, and arbitrary code execution, effectively opening the door to a scenario where an attacker can craft an exploit chain to obtain unauthenticated access and run arbitrary commands.
The attack sequence unfolds as follows -
- IAM authentication bypass by forging valid-looking GetCallerIdentity responses
- Authenticate as a policy resource
- Abuse the Host Factory endpoint to create a new host that impersonates a valid policy template
- Assigned a malicious Embedded Ruby (ERB) payload directly to the host
- Trigger the execution of the attached ERB by invoking the Policy Factory endpoint
"This exploit chain moved from unauthenticated access to full remote code execution without ever supplying a password, token, or AWS credentials," Porat noted.
