Product Security Advisories

RSS Feed

DUO-PSA-2019-002: Duo Product Security Advisory

A third-party software library, which the Duo Access Gateway (DAG) uses to enable SAML as a first-factor authentication source,...
DUO-PSA-2019-001: Duo Product Security Advisory

A Duo customer has identified an issue where Duo Authentication for Windows Logon could incorrectly enforce "failmode"...
DUO-PSA-2018-004: Duo Product Security Advisory

Duo has identified and fixed an issue with the Duo Access Gateway (DAG). This issue could have allowed for data exposure on the...
DUO-PSA-2018-003: Duo Product Security Advisory

Duo has identified and fixed an issue with our documentation for the Duo Authentication Proxy integration with VMware Horizon...
DUO-PSA-2018-002: Duo Product Security Advisory

Duo has identified and fixed an issue with the Duo administrative panel. This issue could have allowed for a second-factor...
DUO-PSA-2018-001: Duo Product Security Advisory

Duo has identified and fixed an issue with our public documentation on the Duo Unix integration. The suggested Pluggable...
DUO-PSA-2017-003: Duo Product Security Advisory

Duo Security has identified a security flaw in a third-party library used in the Duo Network Gateway (DNG) which, under certain...
DUO-PSA-2017-002: Duo Product Security Advisory

Duo Security has identified an issue in duo_unix, which, under certain uncommon configurations, could enable attackers to...
DUO-PSA-2017-001: Duo Product Security Advisory

Duo has identified and fixed an issue in our cloud service which, under certain configurations, could have enabled attackers...
DUO-PSA-2016-002: Duo Product Security Advisory

Duo Security has identified an issue in the Duo Authentication Proxy which, under certain uncommon configurations, could enable...
DUO-PSA-2016-001: Duo Product Security Advisory

Duo Security has identified multiple issues in the Duo Authentication Proxy which, under certain configurations, could enable...
DUO-PSA-2015-003: Duo Product Security Advisory

Duo Security has identified an issue which, under certain configurations, could have enabled attackers to bypass second-factor...
DUO-PSA-2015-002: Duo Product Security Advisory

Duo Security has identified an issue in recent versions of Duo Mobile for iOS that could allow attackers to perform a...
DUO-PSA-2015-001: Duo Product Security Advisory

Duo Security has identified an issue in certain versions of the Duo Web SDK that could allow attackers to bypass primary and...
DUO-PSA-2014-008: Duo Product Security Advisory

Duo Security has identified an issue in the iOS Duo Mobile app that may allow credentials to be backed up in an encrypted form...
DUO-PSA-2014-007: Duo Product Security Advisory

Duo Security has identified an issue that may allow local users to bypass second factor authentication when using the pam_duo...
DUO-PSA-2014-006: Duo Product Security Advisory

Duo Security has identified an issue in which it may be possible for users to perform certain actions without completing...
DUO-PSA-2014-005: Duo Product Security Advisory

Duo Security has identified an issue in its Credential-Provider based Remote Desktop Protocol (RDP) integrations (e.g. those...
DUO-PSA-2014-004: Duo Product Security Advisory

Duo Security has identified an issue in which it is possible to bypass second factor authentication of multisite WordPress...
DUO-PSA-2014-003: Duo Product Security Advisory

Duo Security has identified an issue in which it is possible to bypass second factor authentication of Remote Desktop Protocol...
DUO-PSA-2014-002: Duo Product Security Advisory

Duo Security has identified an issue in which it is possible to bypass second factor authentication of Remote Desktop Web...
DUO-PSA-2014-001: Duo Product Security Advisory

Older versions of the Duo Security Outlook Web Access (OWA) integration may be vulnerable to a bypass of the second...