n8nscale
    Security

    The Enemy Within: CVE-2025-68613 and why "Logged In" shouldn't mean "Server Owner"

    While the internet talks about unauthenticated flaws, CVE-2025-68613 (CVSS 9.9) allows any user with workflow editor access to execute arbitrary code on the server. Understand the flaw in the Expression Sandbox.

    In the cybersecurity world, "unauthenticated" vulnerabilities (like the recent Ni8mare) usually steal the headlines. After all, the idea of an unknown hacker breaching your server is terrifying.

    But there is a category of flaws that is equally dangerous yet often underestimated by CTOs: Privilege Escalation via RCE (Remote Code Execution).

    CVE-2025-68613, disclosed in late 2025 and still affecting thousands of instances, is the perfect example of this. It proved that, in n8n, the distance between "creating a workflow" and "becoming root on the server" was frighteningly short.

    The Problem: The "Sandbox" that leaked

    The power of n8n lies in its expressions. When you type {{ $json.id }}, n8n evaluates this as JavaScript. To do this safely, n8n uses a "Sandbox"—an isolated environment that is supposed to prevent this code from accessing critical operating system functions (like require('fs') or child_process).

    CVE-2025-68613 revealed that this sandbox had holes.

    Through a specifically formatted "Expression Injection," an authenticated user can "escape" the sandbox. Once out, they have access to the main Node.js process.

    The Realistic Attack Scenario

    Many managers think: "But I trust my team; no one is going to hack their own company."

    This thinking ignores two critical vectors:

    1. Compromised Credentials: If a junior developer's laptop is infected by an InfoStealer and their n8n password leaks, the attacker no longer needs to exploit complex firewall flaws. They log in as "Junior," create a workflow with the malicious expression, and take full control of the server.
    2. Imported Workflows: If a developer copies a JSON template from an untrusted forum and imports it into n8n, that workflow might contain the hidden malicious expression. Upon clicking "Execute," the attack happens.

    Who is vulnerable?

    Virtually all n8n versions released in 2024 and 2025 up until the patch.

    • Vulnerable: Versions >= 0.211.0 and < 1.120.4
    • Fixed: 1.120.4, 1.121.1, and 1.122.0 (and higher)
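    A small version checker for the ranges listed above, added here as an example (it is not n8nscale's or n8n's own code). It classifies n8n version strings taken from an inventory against the affected range and the three fix releases; treating a 1.121.x build older than 1.121.1 as still affected is an assumption drawn from 1.121.1 being listed as a separate fix release.

```python
"""Classify n8n version strings against the CVE-2025-68613 ranges quoted above.

Added example, not n8nscale's or n8n's own code. Ranges applied: affected
>= 0.211.0 and < 1.120.4; fixed in 1.120.4, 1.121.1 and 1.122.0 or higher.
Assumption: a 1.121.x build below 1.121.1 is treated as still affected,
since 1.121.1 is listed as its own fix release.
"""
import re
from typing import Dict, Iterable, Tuple

Version = Tuple[int, int, int]

AFFECTED_FROM: Version = (0, 211, 0)
# First fixed build on each maintained branch; anything >= 1.122.0 is fixed.
FIXED_BRANCHES = {
    (1, 120): (1, 120, 4),
    (1, 121): (1, 121, 1),
}
FIXED_FROM: Version = (1, 122, 0)


def parse_version(text: str) -> Version:
    """Parse '1.120.3', 'v1.120.3' or '1.120.3-rc.1' into (major, minor, patch)."""
    m = re.match(r"^v?(\d+)\.(\d+)\.(\d+)", text.strip())
    if not m:
        raise ValueError(f"not a semantic version: {text!r}")
    major, minor, patch = (int(x) for x in m.groups())
    return (major, minor, patch)


def classify(text: str) -> str:
    """Return 'not-affected', 'vulnerable' or 'fixed' for one n8n version string."""
    v = parse_version(text)
    if v < AFFECTED_FROM:
        return "not-affected"  # older than the quoted affected range
    if v >= FIXED_FROM:
        return "fixed"  # 1.122.0 and higher
    branch_fix = FIXED_BRANCHES.get(v[:2])
    if branch_fix is not None and v >= branch_fix:
        return "fixed"  # backported fix on the 1.120.x / 1.121.x branch
    return "vulnerable"


def report(versions: Iterable[str]) -> Dict[str, str]:
    """Map each version string in a fleet inventory to its status."""
    return {v: classify(v) for v in versions}


if __name__ == "__main__":
    # Constructed sample inventory, not real hosts.
    sample = ["0.210.9", "1.50.0", "1.120.3", "1.120.4", "1.121.0", "1.121.1", "v1.130.0"]
    for name, status in report(sample).items():
        print(f"{name:>10}  {status}")
```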

    If you are running an old version because "it's stable," you are sitting on a ticking time bomb.

    How to mitigate (besides updating)

    Updating is mandatory. But n8nscale recommends a defense-in-depth posture to mitigate future RCE risks:

    1. Network Isolation (Egress Filtering): Even if an attacker executes code, they shouldn't be able to download external payloads or exfiltrate your data. Block internet egress from the n8n container for anything not strictly necessary.
    2. OS Least Privilege: As we mentioned in previous posts, n8n must never run as root. This limits the damage an RCE can inflict on the file system.
    3. Environment Segregation: Do not grant edit access in Production to the entire team. Use Development and Staging environments, and use CI/CD pipelines to promote workflows to Production, where direct human access is restricted.

    Trust in your users is important, but Zero Trust security is better. Update your n8n today.
