Security Bulletin S25-02

Description

A weakness was identified with the File Permission display connector that is only deployed in a few customer’s environments to address a rare use case. This issue could have allowed an actor with access to the customers internal network, specifically the server hosting this agent, to read permissions of sites, folders and files for SharePoint. The permission display connector is limited to only reading permissions and does not have access to the file contents. To exploit this weakness, multiple pre-conditions need to be met:

The actor will need to gain access to the customers’ network bypassing all preventive and detective controls
The encryption mechanism protecting the secret phrase must be successfully bypassed
The actor will need to have gained access into the server hosting the File Permission display connector

Affected Versions

Affected versions include 24.8 GA and prior.

Investigation Findings

Upon learning about the security weakness, Saviynt took action to understand the root cause and remediated the issue. Investigations did not indicate any impact to systems or data. To reiterate, this connector is a rare use case for our customers.

Action Required

Customers who utilize this connector should upgrade the EIC to 24.9 GA release or above and upgrade the File Permission Display Connector accordingly.

The updated connector agent can be found at the below link

https://docs.saviyntcloud.com/bundle/EIC-Artifacts/page/Content/Saviynt-Enterprise-Identity-Cloud-Artifacts.htm

Credits

Achmea Security Assessment Team (SAT)

Contact Information

Any questions may be directed to security@saviynt.com

Products

Advanced Capabilities

Integrations

By role

By use case

By industry

Identity Impact Analysis

Why customers love us

For Partners

Connect with a Partner

Find the right Saviynt Partner

Weekly Live Demo Series

Date: May 30 2025