Critical Zero-Days Crack Open CyberArk Password Vaults

Researchers discovered 14 zero-day vulnerabilities in HashiCorp Vault and CyberArk Conjur, popular password vaults used by thousands of companies. These vulnerabilities, some of which had been present for years, allowed for authentication bypass, root access, remote code execution, and ultimately the compromise of all a company’s secrets. Both companies have patched the vulnerabilities, emphasizing the importance of continuous security measures for secret management platforms.