Thursday, 9 April 2026

Flowise RCE Exploit Critical Flaw Exposes Systems

A critical Remote Code Execution (RCE) vulnerability, identified as CVE-2025-59528, is actively being exploited in Flowise. The flaw allows attackers to inject JavaScript code, potentially leading to full system compromise. The concern is amplified by Flowise's popularity as a rapid deployment tool for AI workflows and LLM-powered applications, which is often run in environments with direct internet exposure for ease of testing and demonstration.

The vulnerability specifically affects the CustomMCP node, where the mcpServerConfig can be insecurely evaluated when derived from user-controlled input. This opens a direct path to arbitrary code execution on the server hosting Flowise, granting attackers the ability to run commands and access the file system. While current exploitation appears concentrated, the risk is significant, especially for instances connected to internal resources such as repositories, secret stores, or databases, since an RCE could quickly escalate to lateral movement or data theft.
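The article does not detail how Flowise evaluates mcpServerConfig; the following is an added example (not Flowise's own code) of the defensive pattern that avoids this class of bug: treat a user-supplied configuration string strictly as data, parse it as JSON, and validate it against a fixed schema instead of evaluating it. The accepted field names (command, args, env, url) are an assumption made for this example.

```javascript
// Added illustration, not Flowise's code: a strict, data-only parser for an
// MCP-server configuration string. It never calls eval, new Function, or vm.
// The schema (command, args, env, url) is assumed for this example.

const ALLOWED_KEYS = new Set(['command', 'args', 'env', 'url']);
const MAX_CONFIG_CHARS = 4096;
const ENV_KEY = /^[A-Za-z_][A-Za-z0-9_]*$/;

function parseMcpServerConfig(raw) {
  if (typeof raw !== 'string' || raw.length > MAX_CONFIG_CHARS) {
    throw new Error('config must be a string of bounded length');
  }
  let cfg;
  try {
    cfg = JSON.parse(raw); // JSON only: a JS expression fails here
  } catch (err) {
    throw new Error('config is not valid JSON');
  }
  if (cfg === null || typeof cfg !== 'object' || Array.isArray(cfg)) {
    throw new Error('config must be a JSON object');
  }
  // Unknown keys, including "__proto__" and "constructor", are rejected.
  for (const key of Object.keys(cfg)) {
    if (!ALLOWED_KEYS.has(key)) throw new Error(`unexpected key: ${key}`);
  }
  const isStr = (v) => typeof v === 'string';
  if (cfg.command !== undefined && !isStr(cfg.command)) throw new Error('command must be a string');
  if (cfg.url !== undefined && !isStr(cfg.url)) throw new Error('url must be a string');
  if (cfg.args !== undefined && !(Array.isArray(cfg.args) && cfg.args.every(isStr))) {
    throw new Error('args must be an array of strings');
  }
  if (cfg.env !== undefined) {
    const envOk = cfg.env !== null && typeof cfg.env === 'object' && !Array.isArray(cfg.env)
      && Object.keys(cfg.env).every((k) => ENV_KEY.test(k))
      && Object.values(cfg.env).every(isStr);
    if (!envOk) throw new Error('env must map identifier-like keys to string values');
  }
  if (cfg.command === undefined && cfg.url === undefined) {
    throw new Error('config needs either command or url');
  }
  return cfg;
}

// Non-throwing wrapper: true if the config is accepted, false otherwise.
function acceptsMcpServerConfig(raw) {
  try { parseMcpServerConfig(raw); return true; } catch (err) { return false; }
}
```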

Compounding the issue is the estimated 12,000 to 15,000 Flowise instances accessible online, an unknown number of which still run vulnerable versions. Active exploitation has also been noted for CVE-2025-8943 and CVE-2025-26319, underscoring the need to treat any publicly exposed Flowise installation as a high-risk component. The fix for CVE-2025-59528 is available from Flowise version 3.0.6, with a recommended upgrade to 3.1.1. Organisations should prioritise inventorying their Flowise instances, verifying versions, and removing public exposure where it is not essential. Enhanced host and network monitoring for signs of command execution, anomalous disk activity, and unusual processes is also advised.

Original source: https://unaaldia.hispasec.com/2026/04/explotacion-activa-de-una-rce-critica-en-flowise-pone-en-riesgo-instancias-expuestas.html?utm_source=rss&utm_medium=rss&utm_campaign=explotacion-activa-de-una-rce-critica-en-flowise-pone-en-riesgo-instancias-expuestas

Article generated by LaRebelionBOT
