Horizon Alert
Summary of the vulnerability and why it matters
This advisory concerns a critical vulnerability in Rejetto HFS file server software that allows an unauthenticated remote attacker to gain full administrative control and execute arbitrary code. The flaw stems from the predictable generation of session security keys, which an attacker can exploit by observing login attempts to reconstruct the key and forge administrative credentials.
- Predictable security keys enable administrative takeover.
- Critical flaws can expose sensitive systems.
- Confirm relevance and assess exposure risks.
Attack Path
How an attacker could exploit the issue
An attacker can exploit this vulnerability by interacting with the login process of Rejetto HFS. By collecting information from a few login attempts, the attacker can determine the server's secret key. This allows them to create a fake administrator session, granting them control over the server and the ability to execute arbitrary code.
- Unauthenticated network access required.
- Predictable session key generation exploited.
- Full administrative access and RCE.
Live Threat
Current exploitation, exposure, and threat context
A remote attacker could exploit this vulnerability to gain administrative access to the server. By observing a small number of login responses, an attacker may be able to reconstruct the session-cookie signing key. This would allow them to forge a valid administrator session cookie, leading to unauthorized administrative control and potentially remote code execution.
- Server administrative access at risk.
- Attacker intercepts login responses.
- Full administrative control and RCE.
Operational Fix
Recommended remediation, mitigation, and detection steps
Attackers can exploit Rejetto HFS by compromising the session-cookie signing key, leading to full administrative access and remote code execution. System owners, application owners, and security teams must collaborate to identify all instances of Rejetto HFS, assess their exposure and business criticality, and plan remediation. The first practical step is to locate all deployed instances, determine their reachability from the internet, confirm ownership, and then prioritize actions based on risk.
- Application and infrastructure teams own remediation.
- Verify internet-facing HFS instances.
- Plan risk-based remediation and vendor coordination.