Cyber Resilience

CVE-2025-32796

MediumPublic PoC

Published: 18 April 2025

Published
18 April 2025
Modified
30 April 2025
KEV Added
Patch
CVSS Score v3.1 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
EPSS Score 0.0019 40.3th percentile
Risk Priority 13 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2025-32796 is a medium-severity Improper Access Control (CWE-284) vulnerability in Langgenius Dify. Its CVSS base score is 6.5 (Medium).

Operationally, exploitation aligns with the MITRE ATT&CK technique Windows Service (T1543.003); ranked at the 40.3th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.

This vulnerability is AI-related — categorised as LLM Application Platforms; in the Other ATLAS/OWASP Terms risk domain.

EU & UK References

Vulnerability details

Dify is an open-source LLM app development platform. Prior to version 0.6.12, a vulnerability was identified in the DIFY where normal users can enable or disable apps through the API, even though the web UI button for this action is…

more

disabled and normal users are not permitted to make such changes. This access control flaw allows non-admin users to make unauthorized changes, which can disrupt the functionality and availability of the APPS. This issue has been patched in version 0.6.12. A workaround for this vulnerability involves updating the API access control mechanisms to enforce stricter user role permissions and implementing role-based access controls (RBAC) to ensure that only users with admin privileges can send enable or disable requests for apps.

CWE(s)

AI Security AnalysisAI

AI Category
LLM Application Platforms
Risk Domain
Other ATLAS/OWASP Terms
OWASP Top 10 for LLMs 2025
None mapped
Classification Reason
Matched keywords: dify, llm

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1543.003 Windows Service Persistence
Adversaries may create or modify Windows services to repeatedly execute malicious payloads as part of persistence.
T1068 Exploitation for Privilege Escalation Privilege Escalation
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.
T1489 Service Stop Impact
Adversaries may stop or disable services on a system to render those services unavailable to legitimate users.
Why these techniques?

Access control flaw allows non-admin users to enable/disable apps via API, facilitating modification of existing services (T1031), exploitation for privilege escalation (T1068), and service stop to disrupt availability (T1489).

Affected Assets

langgenius
dify
≤ 0.6.8

Mitigating Controls

Likely Mitigating Controls AI

Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.

addresses: CWE-284 CWE-863

The access control policy and procedures directly mandate and enforce proper access control mechanisms across the organization.

addresses: CWE-284 CWE-863

Supervision and review of access control activities directly detects and remediates improper access configurations or usages.

addresses: CWE-284 CWE-863

Associating and retaining security attributes with data directly supports enforcement of access control decisions across storage, processing, and transmission.

addresses: CWE-284 CWE-863

Requiring prior authorization for each remote access type prevents improper access control over remote connections.

addresses: CWE-284 CWE-863

Requiring authorization of wireless access before allowing connections enforces proper access control for this access method.

addresses: CWE-284 CWE-863

Requiring authorization and configuration controls for mobile device connections directly enforces access control and prevents unauthorized devices from reaching organizational systems.

addresses: CWE-284 CWE-863

Defining account types, requiring approvals for creation, specifying authorizations, monitoring usage, and reviewing accounts directly prevents improper access control by ensuring only authorized accounts exist and are used.

addresses: CWE-284 CWE-863

Enforces rules governing access to the system and its data from external systems based on established trust relationships.

References