Multiple Critical Flaws Hit Zero Trust Products from Check Point, Zscaler, and Netskope
gbhackersSecurity researchers at AmberWolf have uncovered critical vulnerabilities in leading Zero Trust Network Access (ZTNA) solutions from major cybersecurity vendors, potentially exposing thousands of organizations to authentication bypasses and privilege escalation attacks.
The findings were presented at DEF CON 33 in Las Vegas, raising serious questions about the security of next-generation remote access technologies that are rapidly replacing traditional VPNs.
Critical Authentication Bypasses Discovered
The seven-month research campaign conducted by David Cash and Richard Warren revealed multiple high-severity flaws affecting Zscaler, Netskope, and Check Point’s Perimeter 81 products.
| Vendor | Product | Vulnerability | CVE |
| Netskope | Client | Authentication bypass in IdP enrollment | CVE-2024-7401 |
| Netskope | Client | Cross-organization user impersonation | Pending |
| Netskope | Client | Privilege escalation via rogue server | Pending |
| Zscaler | Platform | SAML authentication bypass | CVE-2025-54982 |
| Check Point | Perimeter 81 | Hard-coded SFTP credentials | Not assigned |
These vulnerabilities enable attackers to completely bypass authentication mechanisms, impersonate users across different organizations, and gain unauthorized access to internal ...
Copyright of this story solely belongs to gbhackers . To see the full text click HERE