CVE-2026-33875: CWE-940: Improper Verification of Source of a Communication Channel in gematik app-Authenticator
Gematik Authenticator securely authenticates users for login to digital health applications. Versions prior to 4.16.0 are vulnerable to authentication flow hijacking, potentially allowing attackers to authenticate with the identities of victim users who click on a malicious deep link. Update Gematik Authenticator to version 4.16.0 or greater to receive a patch. There are no known workarounds.
AI Analysis
Technical Summary
The gematik app-Authenticator before version 4.16.0 suffers from CWE-940, improper verification of the source of a communication channel. This flaw allows an attacker to hijack the authentication flow by leveraging malicious deep links clicked by victim users. Successful exploitation can result in the attacker authenticating as the victim, compromising user identity and access to digital health applications. The vulnerability is rated critical with a CVSS 3.1 score of 9.3, reflecting network attack vector, low attack complexity, no privileges required, user interaction required, scope changed, and high impact on confidentiality and integrity. The vendor has released version 4.16.0 to address this issue.
Potential Impact
Exploitation of this vulnerability allows attackers to impersonate victim users by hijacking the authentication flow, leading to unauthorized access to digital health applications. This compromises user confidentiality and integrity of authentication processes. There is no impact on availability reported. No known exploits are currently in the wild.
Mitigation Recommendations
Update the gematik app-Authenticator to version 4.16.0 or later to apply the official fix. There are no known workarounds. Users should ensure they do not click on suspicious deep links until the update is applied.
CVE-2026-33875: CWE-940: Improper Verification of Source of a Communication Channel in gematik app-Authenticator
Description
Gematik Authenticator securely authenticates users for login to digital health applications. Versions prior to 4.16.0 are vulnerable to authentication flow hijacking, potentially allowing attackers to authenticate with the identities of victim users who click on a malicious deep link. Update Gematik Authenticator to version 4.16.0 or greater to receive a patch. There are no known workarounds.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
The gematik app-Authenticator before version 4.16.0 suffers from CWE-940, improper verification of the source of a communication channel. This flaw allows an attacker to hijack the authentication flow by leveraging malicious deep links clicked by victim users. Successful exploitation can result in the attacker authenticating as the victim, compromising user identity and access to digital health applications. The vulnerability is rated critical with a CVSS 3.1 score of 9.3, reflecting network attack vector, low attack complexity, no privileges required, user interaction required, scope changed, and high impact on confidentiality and integrity. The vendor has released version 4.16.0 to address this issue.
Potential Impact
Exploitation of this vulnerability allows attackers to impersonate victim users by hijacking the authentication flow, leading to unauthorized access to digital health applications. This compromises user confidentiality and integrity of authentication processes. There is no impact on availability reported. No known exploits are currently in the wild.
Mitigation Recommendations
Update the gematik app-Authenticator to version 4.16.0 or later to apply the official fix. There are no known workarounds. Users should ensure they do not click on suspicious deep links until the update is applied.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- GitHub_M
- Date Reserved
- 2026-03-24T15:10:05.679Z
- Cvss Version
- 3.1
- State
- PUBLISHED
Threat ID: 69c6ec5f3c064ed76ff25042
Added to database: 3/27/2026, 8:45:19 PM
Last enriched: 4/4/2026, 5:57:23 AM
Last updated: 5/12/2026, 1:41:23 AM
Views: 106
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.