Horizon Alert
Summary of the vulnerability and why it matters
This advisory concerns a critical vulnerability in IBM Langflow OSS affecting versions 1.0.0 through 1.10.0. The vulnerability allows unauthenticated attackers to create unlimited active user accounts, potentially leading to the execution of remote code. The main concern is confirming relevance and exposure.
- Unauthenticated users can create active accounts.
- Enables unauthorized access and potential code execution.
- Verify if your Langflow instances are affected.
Attack Path
How an attacker could exploit the issue
An attacker could begin by sending a request to an exposed Langflow instance. If the deployment option `NEW_USER_IS_ACTIVE` is enabled, the attacker can create an unlimited number of new user accounts. These new accounts are immediately active, allowing the attacker to authenticate and access code execution capabilities.
- Network access to Langflow instance.
- Create user account and authenticate.
- Remote code execution.
Live Threat
Current exploitation, exposure, and threat context
Unauthenticated attackers could create unlimited active user accounts on an affected Langflow instance. When configured with `NEW_USER_IS_ACTIVE=true`, these accounts could immediately authenticate and access Remote Code Execution (RCE) endpoints without needing auto-login.
- Affected asset: Langflow instance data.
- Exposure: Unauthenticated network access.
- Consequence: System compromise via RCE.
Operational Fix
Recommended remediation, mitigation, and detection steps
This vulnerability in IBM Langflow OSS could allow unauthenticated attackers to create unlimited active user accounts, potentially leading to Remote Code Execution. Application owners and platform teams are likely responsible for managing Langflow instances. The first critical step is to identify all deployed Langflow instances, confirm their exposure and business criticality, and then assign ownership for remediation planning.
- Assign ownership for Langflow instances.
- Verify instance exposure and criticality.
- Plan remediation based on risk.