CVE-2025-68926
📋 TL;DR
This vulnerability allows attackers to bypass authentication in RustFS by using a hardcoded static token that is publicly exposed in the source code. Any attacker with network access to the gRPC port can authenticate and execute privileged operations including data destruction and configuration changes. All deployments using affected versions are vulnerable.
💻 Affected Systems
- RustFS
📦 What is this software?
Rustfs by Rustfs
⚠️ Risk & Real-World Impact
Worst Case
Complete compromise of the RustFS cluster including data destruction, policy manipulation, and unauthorized configuration changes leading to data loss and service disruption.
Likely Case
Unauthorized access to sensitive data stored in RustFS and potential data manipulation or exfiltration.
If Mitigated
Limited impact if network access to the gRPC port is restricted and proper network segmentation is in place.
🎯 Exploit Status
Exploitation requires only network access to the gRPC port and knowledge of the hardcoded token, which is publicly available in the source code.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 1.0.0-alpha.78
Vendor Advisory: https://github.com/rustfs/rustfs/security/advisories/GHSA-h956-rh7x-ppgj
Restart Required: Yes
Instructions:
1. Stop RustFS service.
2. Update to version 1.0.0-alpha.78 or later.
3. Restart RustFS service.
4. Verify authentication is now properly implemented.
🔧 Temporary Workarounds
Network Access Restriction
Restrict network access to the RustFS gRPC port using firewall rules so that only trusted sources are allowed (the ACCEPT rule for trusted sources must precede the DROP rule).
iptables -A INPUT -p tcp --dport <gRPC_PORT> -s <TRUSTED_IP> -j ACCEPT
iptables -A INPUT -p tcp --dport <gRPC_PORT> -j DROP
🧯 If You Can't Patch
- Implement strict network segmentation and firewall rules to restrict access to the RustFS gRPC port to only the systems that absolutely need it.
- Monitor network traffic to the RustFS gRPC port for unauthorized access attempts and implement intrusion detection rules.
🔍 How to Verify
Check if Vulnerable:
Check the RustFS version using the version command or the configuration file. If the version is earlier than 1.0.0-alpha.78, the system is vulnerable.
Check Version:
rustfs --version or check the RustFS configuration/version file
Verify Fix Applied:
After patching, verify that the version is 1.0.0-alpha.78 or later, and test authentication with the old hardcoded token to confirm it is rejected.
📡 Detection & Monitoring
Log Indicators:
- Authentication attempts using the hardcoded token 'rustfs rpc'
- Unauthorized privileged operations from unexpected sources
Network Indicators:
- gRPC authentication requests containing the hardcoded token
- Unauthorized gRPC calls to privileged endpoints
SIEM Query:
source="rustfs" AND (token="rustfs rpc" OR auth_failure OR unauthorized_access)
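The version check and the log indicator above, combined into one script as an added example (not code from RustFS or from the advisory). It orders the alpha.N prerelease suffix numerically, which a plain string comparison of version strings gets wrong (alpha.100 would sort below alpha.78), and it flags log lines carrying the hardcoded token. The key=value log layout, field names and peer addresses are constructed assumptions; adapt the regexes to the log format of your deployment.

```python
import re

FIXED_VERSION = "1.0.0-alpha.78"   # fixed version named in the advisory
HARDCODED_TOKEN = "rustfs rpc"     # log indicator named in the advisory


def parse_version(v):
    """Turn '1.0.0-alpha.78' into a tuple that sorts by semver rules:
    numeric core first, then prerelease identifiers (numeric ones compared
    as integers). A version without a prerelease sorts after any prerelease
    of the same core, so 1.0.0 is treated as newer than 1.0.0-alpha.78."""
    core, _, pre = v.strip().lstrip("v").partition("-")
    nums = tuple(int(x) for x in core.split("."))
    if not pre:
        return nums, ((2,),)
    ids = tuple((0, int(p)) if p.isdigit() else (1, p) for p in pre.split("."))
    return nums, ids


def is_vulnerable(version):
    """True when the reported version is older than the fixed version."""
    return parse_version(version) < parse_version(FIXED_VERSION)


# Constructed sample log lines (assumed key=value layout, not real RustFS output).
SAMPLE_LOGS = [
    'ts=2025-01-10T10:00:01Z source=rustfs peer=10.0.0.5 token="rustfs rpc" rpc=DeleteBucket',
    'ts=2025-01-10T10:00:02Z source=rustfs peer=10.0.0.9 token="<redacted>" rpc=ListBuckets',
    'ts=2025-01-10T10:00:03Z source=rustfs peer=198.51.100.7 token="rustfs rpc" rpc=SetConfig',
]

TOKEN_RE = re.compile(r'token="([^"]*)"')
PEER_RE = re.compile(r"peer=(\S+)")
RPC_RE = re.compile(r"rpc=(\S+)")


def find_hardcoded_token_use(lines, trusted_peers=frozenset()):
    """Return one record per line authenticated with the hardcoded token.
    Use of the token from an untrusted peer is the strongest signal; even
    trusted peers using it show the cluster is still on a vulnerable build."""
    hits = []
    for line in lines:
        m = TOKEN_RE.search(line)
        if not m or m.group(1) != HARDCODED_TOKEN:
            continue
        peer = PEER_RE.search(line)
        rpc = RPC_RE.search(line)
        peer_addr = peer.group(1) if peer else "?"
        hits.append({"peer": peer_addr,
                     "rpc": rpc.group(1) if rpc else "?",
                     "trusted_peer": peer_addr in trusted_peers})
    return hits
```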