HIGH | CVE-2026-46414 | CNA: GitHub_M

CVE-2026-46414: Microsoft UFO WebSocket role spoofing allows authenticated peer task hijacking

Microsoft UFO is an open-source framework for intelligent automation across devices and platforms. In 3.0.1-4-ge2626659, Microsoft UFO's WebSocket control plane trusts client-supplied identity and role fields in task messages. A client connection can register as a normal device, but later send a TASK message claiming client_type="constellation" and target_id=<victim-device-id>. The server trusts the role and target values from the wire message rather than enforcing the role registered for that WebSocket connection. As a result, any authenticated WebSocket client with the shared server token can spoof the higher-privilege constellation role and dispatch attacker-controlled tasks to another connected device. The same client registry also allows duplicate client_id registration, overwriting an existing live client's stored websocket, role, and task protocol. This is an authenticated WebSocket role/identity spoofing issue leading to peer task hijacking.
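A server-side registry that binds role and identity to the accepted connection, refuses duplicate client_id registration, and ignores the client_type/target claims carried in a TASK message, as an added example that is not Microsoft UFO's own code; the class names and the TASK message shape are assumptions modelled on the description above.

```python
# Added example, not Microsoft UFO's own code: a server-side client registry
# that binds identity and role to the accepted WebSocket connection, so that
# client_type/target_id in later TASK messages cannot override them. All names
# (ClientRegistry, Client, RegistryError, the message shape) are hypothetical.
from dataclasses import dataclass
from typing import Any, Dict

CONSTELLATION = "constellation"  # higher-privilege orchestrator role
DEVICE = "device"                # ordinary automation endpoint

@dataclass(frozen=True)
class Client:
    client_id: str
    client_type: str  # role fixed when the connection registered
    websocket: Any    # opaque transport handle

class RegistryError(Exception):
    pass

class ClientRegistry:
    def __init__(self) -> None:
        self._clients: Dict[str, Client] = {}
        self._by_socket: Dict[int, Client] = {}  # keyed by id(websocket)

    def register(self, client_id: str, client_type: str, websocket: Any) -> Client:
        # Refuse duplicate client_id rather than overwriting a live client.
        if client_id in self._clients:
            raise RegistryError(f"client_id {client_id!r} already registered")
        if client_type not in (CONSTELLATION, DEVICE):
            raise RegistryError(f"unknown client_type {client_type!r}")
        client = Client(client_id, client_type, websocket)
        self._clients[client_id] = client
        self._by_socket[id(websocket)] = client
        return client

    def authorize_task(self, websocket: Any, message: Dict[str, Any]) -> str:
        """Return the target client_id if this connection may dispatch a TASK.
        Sender identity and role come from the registry, never from the
        message, so a device claiming client_type="constellation" is rejected."""
        sender = self._by_socket.get(id(websocket))
        if sender is None:
            raise RegistryError("unregistered connection")
        if message.get("type") != "TASK":
            raise RegistryError("not a TASK message")
        if sender.client_type != CONSTELLATION:
            raise RegistryError(f"{sender.client_id!r} has role {sender.client_type!r}")
        target = self._clients.get(message.get("target_id"))
        if target is None or target.client_type != DEVICE:
            raise RegistryError("target_id is not a registered device")
        return target.client_id
```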

HarborGuard Analysis

Synopsis

This is an authentication bypass and role-spoofing vulnerability in the Microsoft UFO open-source intelligent automation framework, specifically in its WebSocket control plane at version 3.0.1-4-ge2626659. An attacker who already holds a valid shared server token can connect as a normal device and then send crafted task messages that falsely claim a higher-privilege constellation role, because the server trusts identity and role fields supplied in the wire message rather than enforcing the role recorded at connection time. Successful exploitation lets the attacker dispatch arbitrary attacker-controlled tasks to any other connected device, and also overwrite a legitimate client's registration by re-using its client_id. HarborGuard is tracking this advisory and will make a patched-image rebuild available as soon as an upstream fix is published.

HarborGuard Coverage

Detection: Available

Detection capability is available across every HarborGuard environment: the CVE is ingested from upstream advisory feeds within minutes of publication and matched against customer images and pipeline builds, including custom-built images that bundle the UFO framework. Any image found to carry the affected version is flagged immediately in the scan results.

Triage: Available

HarborGuard is capable of scoring this finding at CVSS 8.8 HIGH and weighting it against each customer environment's compliance policy to determine urgency. Routing to the appropriate team inbox within each organization is available as soon as the match is confirmed.

Patch: Pending upstream

Because no fix version has been published upstream, HarborGuard re-checks this advisory on every ingest cycle and will make a patched-image rebuild available the moment Microsoft UFO ships a corrected release. For customers who opt into auto-remediation, a rebuilt image, regression-test run, and a PR opened against affected workloads will be triggered automatically at that point.

Exploit Conditions

  • Network reachability: Required

    The attacker must reach the UFO WebSocket control plane over the network to establish a client connection.

  • Authentication: Required

    Any low-privilege account holding the shared server token is sufficient to open a WebSocket connection and send spoofed role messages.

  • Victim interaction: Not required

    No action is needed from the target device or any other user; the attacker sends crafted messages directly to the server.

  • Attack complexity: Low

    The exploit is reliable and condition-free: crafting a TASK message with the desired role and target fields requires no race condition or special environmental setup.

Blast Radius

  • Reads task state, device identifiers, and any data returned by tasks running on peer devices, since the spoofed constellation role grants visibility across connected clients.
  • Dispatches arbitrary attacker-controlled tasks to any connected device, allowing execution of commands or automation actions on victim endpoints.
  • Overwrites a legitimate client's registered WebSocket, role, and task protocol by re-registering with the same client_id, effectively hijacking that client's identity and cutting off its legitimate connection.
  • Disrupts service for the overwritten client, which loses its session and any in-progress task coordination.

How HarborGuard Handles This

Available on HarborGuard: this CVE is actively tracked with no fix version yet published. HarborGuard re-evaluates the advisory on every ingest cycle and will automatically generate a patched-image rebuild the moment Microsoft UFO ships a corrected release; for customers who opt into auto-remediation, that rebuild triggers a regression-test run and a PR opened against affected workloads without manual intervention. In the meantime, compensating controls worth evaluating include placing the UFO WebSocket server behind a network policy that restricts inbound connections to known trusted client addresses, enforcing egress filtering on automation-agent containers to limit lateral reach if a session is compromised, and disabling or gating multi-device constellation features via UFO configuration flags until role enforcement is fixed upstream. Where compliance policy permits runtime alerting, HarborGuard can surface new image scans that introduce or re-introduce the affected version during CI pipeline builds.

Metrics

CVSS v3.1: 8.8
Severity: HIGH
Fixed in: no fix version published
Affected Products: 1
Affected packages:
  • microsoft / UFO 3.0.1-4-ge2626659
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H