Description
Gematik Authenticator securely authenticates users for login to digital health applications. Starting in version 4.12.0 and prior to version 4.16.0, the Mac OS version of the Authenticator is vulnerable to remote code execution, triggered when victims open a malicious file. Update the gematik Authenticator to version 4.16.0 or greater to receive a patch. There are no known workarounds.
Published: 2026-03-27
Score: 7.8 High
EPSS: < 1% Very Low
KEV: No
Impact: Remote Code Execution
Action: Immediate Patch
AI Analysis

Impact

The Mac OS version of gematik Authenticator, spanning versions 4.12.0 through 4.15.x, is susceptible to remote code execution when a user opens a malicious file. This flaw permits an attacker to run arbitrary code on the victim’s machine, potentially compromising all data and operations on that device.

Affected Systems

The affected product is gematik Authenticator for macOS. Versions 4.12.0, 4.13.0, 4.14.0, and 4.15.x are vulnerable, while version 4.16.0 and newer contain the required fix.

Risk and Exploitability

The CVSS score of 7.8 indicates high severity, while the EPSS score of less than 1% suggests a low probability of exploitation. The vulnerability is not listed in the CISA KEV catalog. Based on the description, the exploit is triggered when a user opens a malicious file, indicating a social engineering vector such as email attachments or downloaded files. There are no known workarounds.

Generated by OpenCVE AI on April 2, 2026 at 05:16 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update gematik Authenticator to version 4.16.0 or later.
  • Verify that the running Authenticator version is 4.16.0 or newer to ensure the fix is applied.

Generated by OpenCVE AI on April 2, 2026 at 05:16 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Wed, 01 Apr 2026 23:45:00 +0000

Type Values Removed Values Added
First Time appeared Apple
Apple macos
Gematik authenticator
CPEs cpe:2.3:a:gematik:authenticator:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*
Vendors & Products Apple
Apple macos
Gematik authenticator

Tue, 31 Mar 2026 19:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Mon, 30 Mar 2026 07:15:00 +0000

Type Values Removed Values Added
First Time appeared Gematik
Gematik app-authenticator
Vendors & Products Gematik
Gematik app-authenticator

Fri, 27 Mar 2026 20:45:00 +0000

Type Values Removed Values Added
Description Gematik Authenticator securely authenticates users for login to digital health applications. Starting in version 4.12.0 and prior to version 4.16.0, the Mac OS version of the Authenticator is vulnerable to remote code execution, triggered when victims open a malicious file. Update the gematik Authenticator to version 4.16.0 or greater to receive a patch. There are no known workarounds.
Title Authenticator vulnerable to Remote Code Execution
Weaknesses CWE-78
References
Metrics cvssV3_1

{'score': 7.8, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H'}

Subscriptions

Apple Macos
Gematik App-authenticator Authenticator
cve-icon MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2026-03-31T18:54:14.187Z

Reserved: 2026-03-24T15:10:05.679Z

Link: CVE-2026-33874

cve-icon Vulnrichment

Updated: 2026-03-31T18:51:17.513Z

cve-icon NVD

Status : Analyzed

Published: 2026-03-27T21:17:24.213

Modified: 2026-04-01T13:42:22.553

Link: CVE-2026-33874

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-02T07:55:24Z

Weaknesses