Yubico has released a security advisory, YSA-2025-01, which highlighted a vulnerability within the software module that supports two-factor authentication (2FA) for Linux and macOS platforms. This issue, tracked as CVE-2025-23013, allows for a partial 2FA bypass protections when using YubiKeys or other FIDO-compatible authenticators. The vulnerability poses a high-risk security threat and could potentially compromise authentication processes for users relying on Yubico’s open-source pam-u2f software.
First seen on thecyberexpress.com
Jump to article: thecyberexpress.com/yubico-2fa-bypass-vulnerability-advisory/
