A critical remote code execution (RCE) vulnerability has been discovered in the n8n workflow automation platform, affecting over 100,000 instances worldwide.
The Vulnerability: CVE-2024-68613
Tracked as CVE-2024-68613, the flaw carries a maximum CVSS score of 9.9. The vulnerability exists within the workflow expression evaluation engine. It allows authenticated users to execute arbitrary code on the server by bypassing execution environment isolation.
Potential Impact:
- Full system compromise.
- Access to sensitive data and credentials.
- Unauthorized modification of production workflows.
- System-level operations with n8n process privileges.
Affected Versions
The flaw impacts versions starting from 0.211.0 up to:
- Versions prior to 1.120.4
- Versions prior to 1.121.1
- Versions prior to 1.122.0
Required Actions
Security teams should prioritize the following steps immediately:
- Update n8n: Install version 1.120.4, 1.121.1, or 1.122.0 (or higher) to patch the vulnerability.
- Restrict Access: Limit workflow creation and editing permissions to trusted users only.
- Principle of Least Privilege: Minimize system and network privileges for the n8n process to mitigate potential lateral movement.
With proof-of-concept exploits likely to emerge, self-hosted instances are particularly at risk. Update your environment immediately to ensure data security.
