Product Security Advisories

RSS Feed

DUO-PSA-2021-001: Duo Product Security Advisory

Duo Security has fixed an issue that could have allowed an attacker with primary credentials of another user to bypass...
DUO-PSA-2020-004: Duo Product Security Advisory

Duo has identified and fixed an issue with the Duo Network Gateway (DNG) product in which some customer-provided SSL...
DUO-PSA-2020-003: Duo Product Security Advisory

Duo has identified and fixed an issue in the DuoConnect client that allows end-users to choose insecure configurations.
DUO-PSA-2020-002: Duo Product Security Advisory

Duo Engineering has identified and fixed an issue with directory sync for on-premises Microsoft Active Directory, OpenLDAP, and...
DUO-PSA-2020-001: Duo Product Security Advisory

Duo has identified and fixed an issue with Directory Sync where enrollment emails were sent to users regardless of whether the...
DUO-PSA-2019-002: Duo Product Security Advisory

A third-party software library, which the Duo Access Gateway (DAG) uses to enable SAML as a first-factor authentication source,...
DUO-PSA-2019-001: Duo Product Security Advisory

A Duo customer has identified an issue where Duo Authentication for Windows Logon could incorrectly enforce "failmode"...
DUO-PSA-2018-004: Duo Product Security Advisory

Duo has identified and fixed an issue with the Duo Access Gateway (DAG). This issue could have allowed for data exposure on the...
DUO-PSA-2018-003: Duo Product Security Advisory

Duo has identified and fixed an issue with our documentation for the Duo Authentication Proxy integration with VMware Horizon...
DUO-PSA-2018-002: Duo Product Security Advisory

Duo has identified and fixed an issue with the Duo administrative panel. This issue could have allowed for a second-factor...
DUO-PSA-2018-001: Duo Product Security Advisory

Duo has identified and fixed an issue with our public documentation on the Duo Unix integration. The suggested Pluggable...
DUO-PSA-2017-003: Duo Product Security Advisory

Duo Security has identified a security flaw in a third-party library used in the Duo Network Gateway (DNG) which, under certain...
DUO-PSA-2017-002: Duo Product Security Advisory

Duo Security has identified an issue in duo_unix, which, under certain uncommon configurations, could enable attackers to...
DUO-PSA-2017-001: Duo Product Security Advisory

Duo has identified and fixed an issue in our cloud service which, under certain configurations, could have enabled attackers...
DUO-PSA-2016-002: Duo Product Security Advisory

Duo Security has identified an issue in the Duo Authentication Proxy which, under certain uncommon configurations, could enable...
DUO-PSA-2016-001: Duo Product Security Advisory

Duo Security has identified multiple issues in the Duo Authentication Proxy which, under certain configurations, could enable...
DUO-PSA-2015-003: Duo Product Security Advisory

Duo Security has identified an issue which, under certain configurations, could have enabled attackers to bypass second-factor...
DUO-PSA-2015-002: Duo Product Security Advisory

Duo Security has identified an issue in recent versions of Duo Mobile for iOS that could allow attackers to perform a...
DUO-PSA-2015-001: Duo Product Security Advisory

Duo Security has identified an issue in certain versions of the Duo Web SDK that could allow attackers to bypass primary and...
DUO-PSA-2014-008: Duo Product Security Advisory

Duo Security has identified an issue in the iOS Duo Mobile app that may allow credentials to be backed up in an encrypted form...
DUO-PSA-2014-007: Duo Product Security Advisory

Duo Security has identified an issue that may allow local users to bypass second factor authentication when using the pam_duo...
DUO-PSA-2014-006: Duo Product Security Advisory

Duo Security has identified an issue in which it may be possible for users to perform certain actions without completing...
DUO-PSA-2014-005: Duo Product Security Advisory

Duo Security has identified an issue in its Credential-Provider based Remote Desktop Protocol (RDP) integrations (e.g. those...
DUO-PSA-2014-004: Duo Product Security Advisory

Duo Security has identified an issue in which it is possible to bypass second factor authentication of multisite WordPress...
DUO-PSA-2014-003: Duo Product Security Advisory

Duo Security has identified an issue in which it is possible to bypass second factor authentication of Remote Desktop Protocol...
DUO-PSA-2014-002: Duo Product Security Advisory

Duo Security has identified an issue in which it is possible to bypass second factor authentication of Remote Desktop Web...
DUO-PSA-2014-001: Duo Product Security Advisory

Older versions of the Duo Security Outlook Web Access (OWA) integration may be vulnerable to a bypass of the second...

Multi-Factor Authentication (MFA)

Remote Access

Device Trust

Single Sign-On (SSO)

Adaptive Access Policies

Duo MFA

Duo Access

Duo Beyond

Duo Free

Duo Federal

Duo Technology Partner Program

Duo Managed Service Providers

Duo Security Solution Providers

Product Security Advisories

Government Solutions

Use Cases

Support for Administrators

Support for Duo End Users

Additional Topics

Popular Topics

Docs for Duo Editions

Integrations