CISA Warns of Langflow Missing Authentication Vulnerability Exploited in Attacks
- С сайта: Vulnerability(cybersecuritynews.com)
- Вернуться к списку новостей
С сайта: Vulnerability(cybersecuritynews.com)
CISA has added a critical Langflow vulnerability to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild.
The vulnerability, identified as CVE-2025-3248, allows unauthenticated remote attackers to execute arbitrary code on vulnerable servers running the popular open-source AI workflow platform.
CISA added the vulnerability to its KEV catalog on May 5, 2025, and has mandated Federal Civilian Executive Branch (FCEB) agencies to apply necessary patches by May 26, 2025, in accordance with Binding Operational Directive (BOD) 22-01.
While this directive specifically applies to federal agencies, CISA strongly recommends all organizations using Langflow to immediately update their installations.
Langflow Missing Authentication Vulnerability
The vulnerability, tracked as CWE-306 (Missing Authentication for Critical Function), has received a critical CVSS score of 9.8 out of 10.0, indicating its severe nature.
According to security researchers, the flaw exists in the /api/v1/validate/code endpoint which improperly invokes Python’s built-in exec() function on user-supplied code without adequate authentication or sandboxing.
“Langflow contains a missing authentication vulnerability in the /api/v1/validate/code endpoint that allows a remote, unauthenticated attacker to execute arbitrary code via crafted HTTP requests,” CISA stated in its advisory.
Security firm Horizon3.ai, which discovered and reported the vulnerability in February 2025, described it as “easily exploitable” and warned that it provides unauthenticated attackers with the ability to take complete control of vulnerable Langflow servers.
Censys, an attack surface management platform, has identified approximately 466 internet-exposed Langflow instances globally, with most concentrated in the United States, Germany, Singapore, India, and China. These exposed instances could potentially be targeted if left unpatched.
A proof-of-concept (PoC) exploit was publicly released on April 9, 2025, further elevating the risk for unpatched systems.
Security researcher VeryLazyTech published a more detailed exploit on April 17, demonstrating how attackers can execute remote commands on vulnerable Langflow instances.
Risk Factors Details Affected ProductsLangflow Versions prior to 1.3.0ImpactSystem compromise or data leakage via unauthenticated remote code executionExploit PrerequisitesNo authentication or privileges required; can be exploited remotely over the network.CVSS 3.1 Score9.8 (Critical)
Affected Versions and Remediation
The vulnerability affects most versions of Langflow prior to version 1.3.0, which was released on March 31, 2025.
Organizations using affected versions should immediately upgrade to Langflow 1.3.0 or implement network-level protections to restrict access to vulnerable endpoints.
While it remains unclear how threat actors are currently exploiting this vulnerability in the wild, similar remote code execution flaws have been used in ransomware campaigns and data theft operations in the past.
CISA’s KEV catalog does not currently indicate whether this vulnerability is being used in ransomware campaigns.
Organizations using Langflow should take immediate action by applying vendor-provided mitigations, following applicable BOD 22-01 guidance for cloud services, or discontinuing use of the product if mitigations are unavailable.
#Cyber_Attack_Article #Cyber_Security #Cyber_Security_News #Vulnerability #cyber_security #cyber_security_news #vulnerability
Оригинальная версия на сайте:
CISA Warns of Langflow Missing Authentication Vulnerability Exploited in Attacks
Author: KaaviyaCISA has added a critical Langflow vulnerability to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild.
The vulnerability, identified as CVE-2025-3248, allows unauthenticated remote attackers to execute arbitrary code on vulnerable servers running the popular open-source AI workflow platform.
CISA added the vulnerability to its KEV catalog on May 5, 2025, and has mandated Federal Civilian Executive Branch (FCEB) agencies to apply necessary patches by May 26, 2025, in accordance with Binding Operational Directive (BOD) 22-01.
While this directive specifically applies to federal agencies, CISA strongly recommends all organizations using Langflow to immediately update their installations.
Langflow Missing Authentication Vulnerability
The vulnerability, tracked as CWE-306 (Missing Authentication for Critical Function), has received a critical CVSS score of 9.8 out of 10.0, indicating its severe nature.
According to security researchers, the flaw exists in the /api/v1/validate/code endpoint which improperly invokes Python’s built-in exec() function on user-supplied code without adequate authentication or sandboxing.
“Langflow contains a missing authentication vulnerability in the /api/v1/validate/code endpoint that allows a remote, unauthenticated attacker to execute arbitrary code via crafted HTTP requests,” CISA stated in its advisory.
Security firm Horizon3.ai, which discovered and reported the vulnerability in February 2025, described it as “easily exploitable” and warned that it provides unauthenticated attackers with the ability to take complete control of vulnerable Langflow servers.
Censys, an attack surface management platform, has identified approximately 466 internet-exposed Langflow instances globally, with most concentrated in the United States, Germany, Singapore, India, and China. These exposed instances could potentially be targeted if left unpatched.
A proof-of-concept (PoC) exploit was publicly released on April 9, 2025, further elevating the risk for unpatched systems.
Security researcher VeryLazyTech published a more detailed exploit on April 17, demonstrating how attackers can execute remote commands on vulnerable Langflow instances.
Risk Factors Details Affected ProductsLangflow Versions prior to 1.3.0ImpactSystem compromise or data leakage via unauthenticated remote code executionExploit PrerequisitesNo authentication or privileges required; can be exploited remotely over the network.CVSS 3.1 Score9.8 (Critical)
Affected Versions and Remediation
The vulnerability affects most versions of Langflow prior to version 1.3.0, which was released on March 31, 2025.
Organizations using affected versions should immediately upgrade to Langflow 1.3.0 or implement network-level protections to restrict access to vulnerable endpoints.
While it remains unclear how threat actors are currently exploiting this vulnerability in the wild, similar remote code execution flaws have been used in ransomware campaigns and data theft operations in the past.
CISA’s KEV catalog does not currently indicate whether this vulnerability is being used in ransomware campaigns.
Organizations using Langflow should take immediate action by applying vendor-provided mitigations, following applicable BOD 22-01 guidance for cloud services, or discontinuing use of the product if mitigations are unavailable.
#Cyber_Attack_Article #Cyber_Security #Cyber_Security_News #Vulnerability #cyber_security #cyber_security_news #vulnerability
Оригинальная версия на сайте:
