Skip to main content

Microsoft UFO CVE-2026-46414

HIGH
Authentication Bypass by Spoofing (CWE-290)
2026-05-27 GitHub_M
8.8
CVSS 3.1 · GitHub Advisory
Share

Severity by source

GitHub Advisory PRIMARY
8.8 HIGH
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Primary rating from GitHub Advisory · only source for this CVE.

CVSS VectorGitHub Advisory

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

2
Analysis Generated
May 27, 2026 - 22:51 vuln.today
CVE Published
May 27, 2026 - 21:54 nvd
HIGH 8.8

DescriptionGitHub Advisory

Microsoft UFO open-source framework for intelligent automation across devices and platforms. In 3.0.1-4-ge2626659, Microsoft UFO's WebSocket control plane trusts client-supplied identity and role fields in task messages. A client connection can register as a normal device, but later send a TASK message claiming client_type="constellation" and target_id=<victim-device-id>. The server trusts the role and target values from the wire message rather than enforcing the role registered for that WebSocket connection. As a result, any authenticated WebSocket client with the shared server token can spoof the higher-privilege constellation role and dispatch attacker-controlled tasks to another connected device. The same client registry also allows duplicate client_id registration, overwriting an existing live client's stored websocket, role, and task protocol. This is an authenticated WebSocket role/identity spoofing issue leading to peer task hijacking.

AnalysisAI

Authenticated role spoofing in Microsoft UFO's WebSocket control plane (version 3.0.1-4-ge2626659) lets any client holding the shared server token impersonate the higher-privilege "constellation" role and hijack tasks belonging to other connected devices. The server trusts the client_type and target_id values carried in each TASK message instead of binding them to the role established when the WebSocket connection registered, and it also permits duplicate client_id registration that overwrites a live peer's stored socket and role. Rated CVSS 8.8 (high) with full confidentiality, integrity, and availability impact; no public exploit identified at time of analysis.

Technical ContextAI

Microsoft UFO is an open-source framework for intelligent automation across devices and platforms, coordinating work through a WebSocket-based control plane where clients register a client_type/role and an identity (client_id) and exchange TASK messages. The weakness is CWE-290 (Authentication Bypass by Spoofing): authorization decisions are driven by attacker-controllable fields embedded in each wire message (client_type="constellation", target_id) rather than by server-side state tied to the authenticated connection. Compounding this, the client registry keys on client_id without enforcing uniqueness against an existing live session, so a re-registration silently replaces another client's websocket, role, and task protocol. The affected component per the CPE cpe:2.3:a:microsoft:ufo:*:*:*:*:*:*:*:* is the UFO application itself; only the snapshot build 3.0.1-4-ge2626659 is explicitly named in the source data.

RemediationAI

Consult the vendor advisory GHSA-qgx6-cvhg-jw7p (https://github.com/microsoft/UFO/security/advisories/GHSA-qgx6-cvhg-jw7p) for the fixed release and upgrade to it; a released patched version is not independently confirmed from the available data, so verify the exact fix version directly in that advisory before deploying. Until a patched build is applied, reduce trust in the shared token by issuing per-client tokens or scoping tokens so a single credential cannot speak for the constellation role, and have the server enforce that client_type/role and client_id are bound to the authenticated connection at registration rather than re-read from each TASK message - rejecting any message whose claimed role or target conflicts with the registered identity. Additionally reject duplicate client_id registrations from a second live socket (the side effect is that legitimate reconnects may need an explicit takeover/handshake flow). Network-restrict the WebSocket control plane to trusted device subnets so only known peers can reach it; the trade-off is reduced flexibility for dynamically joining devices.

Share

CVE-2026-46414 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy