CVE-2025-25196

9.8 CRITICAL

📋 TL;DR

OpenFGA versions before 1.8.5 contain an authorization bypass: specific Check and ListObjects API calls return incorrect results under certain model configurations, granting access that the model does not intend. The affected models contain a relation that is assignable both to type-bound public access and to a userset of the same type. Every deployment running an affected OpenFGA version with such a model is impacted.

💻 Affected Systems

Products:
  • OpenFGA
Versions: OpenFGA < v1.8.4 (Helm chart < openfga-0.2.22, docker < v1.8.4)
Operating Systems: All
Default Config Vulnerable: ✅ No
Notes: Only vulnerable when all of the following hold in the model and data: 1) the model has a relation assignable to both type-bound public access AND a userset of the same type, 2) a type-bound public access tuple is assigned to the object, 3) no userset tuple is assigned to that same object, 4) the Check request's user field is a userset whose type matches the user type of the public access tuple.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete authorization bypass allowing unauthorized access to protected resources, potentially leading to data breaches, privilege escalation, and full system compromise.

🟠

Likely Case

Unauthorized access to specific objects or resources that should be protected by authorization policies, leading to data exposure or unauthorized actions.

🟢

If Mitigated

Limited impact if proper network segmentation, least privilege access, and monitoring are in place to detect anomalous authorization patterns.

🌐 Internet-Facing: HIGH - OpenFGA is often deployed as an authorization service for applications, making internet-facing instances prime targets for exploitation.
🏢 Internal Only: HIGH - Even internal deployments are at risk as attackers could pivot from other compromised systems to exploit this vulnerability.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires knowledge of the target's OpenFGA authorization model and the presence of the vulnerable configuration described above; the attacker must issue Check or ListObjects API calls with particular user and object parameters.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: v1.8.5

Vendor Advisory: https://github.com/openfga/openfga/security/advisories/GHSA-g4v5-6f5p-m38j

Restart Required: Yes

Instructions:

1. Upgrade OpenFGA to version 1.8.5 or later.
2. Update the Helm chart to openfga-0.2.22 or later.
3. Update Docker images to v1.8.5 or later.
4. Restart OpenFGA services.
5. Verify the upgrade was successful.

🧯 If You Can't Patch

  • Review and modify authorization models to avoid configurations where relations are assignable to both public access and usersets of the same type.
  • Implement additional authorization checks at the application layer to validate OpenFGA responses before granting access.

🔍 How to Verify

Check if Vulnerable:

Check the running OpenFGA version:
  • Kubernetes: kubectl get deployment openfga -o jsonpath='{.spec.template.spec.containers[0].image}'
  • Docker: docker inspect openfga/openfga:tag
Verify whether the version is <1.8.4. Then review your authorization models for the vulnerable configuration described in the advisory.

Check Version:

curl -X GET http://openfga-host:8080/version, or check the container/image version directly.

Verify Fix Applied:

Confirm the OpenFGA version is 1.8.5 or higher. Then exercise Check and ListObjects API calls against the previously vulnerable model configurations and confirm that authorization is enforced as the model intends.
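The version checks above produce an image reference (from kubectl or docker) or a bare version string, and someone auditing many clusters will want the comparison automated rather than eyeballed. The following POSIX shell script is an added example, not part of this advisory or of the OpenFGA project: it reduces an image reference such as openfga/openfga:v1.8.3 (registry prefixes, a leading "v" and pre-release suffixes are tolerated) to MAJOR.MINOR.PATCH and compares it component-wise against the fixed release. The fixed version 1.8.5 is taken from the Patch Version stated above; the sample refs in the comments are constructed.

```shell
#!/bin/sh
# Added example: flag OpenFGA image refs / version strings older than the patched release.
# Not from the advisory or the OpenFGA project. FIXED_VERSION is the "Patch Version"
# stated in the advisory summary (v1.8.5).
FIXED_VERSION="1.8.5"

# strip_version REF: reduce an image ref or version string to MAJOR.MINOR.PATCH.
#   openfga/openfga:v1.8.3                        -> 1.8.3
#   registry.example:5000/openfga/openfga:v1.8.5-rc1 -> 1.8.5  (suffix dropped)
#   v1.7.10                                       -> 1.7.10
# A ref without a tag, or a digest (@sha256:...), yields something non-numeric,
# which openfga_vulnerable rejects with exit code 2 instead of guessing.
strip_version() {
  v="${1##*:}"   # keep only the text after the last ':' (image ref -> tag)
  v="${v#v}"     # drop a leading 'v'
  v="${v%%-*}"   # drop a pre-release/build suffix such as -rc1
  printf '%s\n' "$v"
}

# version_lt A B: exit 0 if A < B, comparing MAJOR, MINOR, PATCH numerically.
# A plain string comparison would wrongly rank 1.10.0 below 1.8.5.
version_lt() {
  a1=${1%%.*}; rest=${1#*.}; a2=${rest%%.*}; a3=${rest#*.}
  b1=${2%%.*}; rest=${2#*.}; b2=${rest%%.*}; b3=${rest#*.}
  [ "$a1" -lt "$b1" ] && return 0
  [ "$a1" -gt "$b1" ] && return 1
  [ "$a2" -lt "$b2" ] && return 0
  [ "$a2" -gt "$b2" ] && return 1
  [ "$a3" -lt "$b3" ]
}

# openfga_vulnerable REF: exit 0 if REF is older than FIXED_VERSION (vulnerable),
# 1 if it is FIXED_VERSION or later, 2 if no MAJOR.MINOR.PATCH could be parsed.
openfga_vulnerable() {
  ver=$(strip_version "$1")
  case "$ver" in
    ""|*[!0-9.]*) echo "could not parse a version from '$1'" >&2; return 2 ;;
  esac
  case "$ver" in
    *.*.*) ;;
    *) echo "expected MAJOR.MINOR.PATCH, got '$ver' from '$1'" >&2; return 2 ;;
  esac
  if version_lt "$ver" "$FIXED_VERSION"; then
    echo "$1 -> $ver: VULNERABLE (older than $FIXED_VERSION)"
    return 0
  fi
  echo "$1 -> $ver: patched ($FIXED_VERSION or later)"
  return 1
}

# Usage (constructed example, not live output):
#   sh check_openfga_version.sh "$(kubectl get deployment openfga \
#       -o jsonpath='{.spec.template.spec.containers[0].image}')"
#   sh check_openfga_version.sh openfga/openfga:v1.8.3 v1.8.5
# Each argument is reported on its own line; parse failures go to stderr.
for ref in "$@"; do
  if openfga_vulnerable "$ref"; then :; fi
done
```

Feed the script the image string from every deployment you operate; anything reported as VULNERABLE needs the upgrade described above, and anything reported as unparseable (for example a digest-pinned image) must be resolved to a tag and checked by hand.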

📡 Detection & Monitoring

Log Indicators:

  • Unusual patterns of Check/ListObject API calls with specific parameter combinations
  • Authorization failures followed by successful access to protected resources
  • Multiple failed authorization attempts from single source

Network Indicators:

  • Unusual API call patterns to OpenFGA endpoints
  • Traffic spikes to authorization endpoints
  • Requests with crafted user/object parameters

SIEM Query:

source="openfga" AND (operation="Check" OR operation="ListObjects") AND status="success" AND previous_events="authorization_failure"

🔗 References
