Date: May 30 2025
Security Bulletin S25-02
Description
A weakness was identified with the File Permission display connector that is only deployed in a few customer’s environments to address a rare use case. This issue could have allowed an actor with access to the customers internal network, specifically the server hosting this agent, to read permissions of sites, folders and files for SharePoint. The permission display connector is limited to only reading permissions and does not have access to the file contents. To exploit this weakness, multiple pre-conditions need to be met:
- The actor will need to gain access to the customers’ network bypassing all preventive and detective controls
- The encryption mechanism protecting the secret phrase must be successfully bypassed
- The actor will need to have gained access into the server hosting the File Permission display connector
Affected Versions
Affected versions include 24.8 GA and prior.
Investigation Findings
Upon learning about the security weakness, Saviynt took action to understand the root cause and remediated the issue. Investigations did not indicate any impact to systems or data. To reiterate, this connector is a rare use case for our customers.
Action Required
Customers who utilize this connector should upgrade the EIC to 24.9 GA release or above and upgrade the File Permission Display Connector accordingly.
The updated connector agent can be found at the below link
Credits
Achmea Security Assessment Team (SAT)
Contact Information
Any questions may be directed to security@saviynt.com
Ready to see for yourself?
Request a personalized demo with a Saviynt identity expert