CVE-2025-10228

Rolantis Information Technologies · Agentis

Rolantis Information Technologies Agentis is susceptible to a session fixation vulnerability that allows unauthorized attackers to hijack valid user sessions.

Executive summary

A high-severity session fixation vulnerability in Rolantis Information Technologies Agentis allows attackers to hijack user sessions, leading to unauthorized account access.

Vulnerability

The application fails to properly regenerate session identifiers after a successful authentication event. This allows an attacker to pre-set a session ID and subsequently hijack the session of an authenticated user, bypassing standard login security controls.
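The pattern described above, and the regenerate-on-login fix the remediation section calls for, as an added Python illustration that is not Agentis code (the product's internals are not described here); the session store, user names and function names are constructed for this example.

```python
import secrets


class SessionStore:
    """Minimal server-side session store (constructed for this example)."""

    def __init__(self):
        self.sessions = {}  # session_id -> authenticated user, or None

    def new_anonymous(self):
        """Issue a pre-authentication session, as happens on first page load."""
        sid = secrets.token_urlsafe(32)
        self.sessions[sid] = None
        return sid

    def login_vulnerable(self, sid, user):
        """Flawed pattern: authenticate in place and keep the existing ID.
        Anyone who learned `sid` before login now holds the authenticated session."""
        if sid not in self.sessions:
            raise KeyError("unknown session")
        self.sessions[sid] = user
        return sid

    def login_fixed(self, sid, user):
        """Hardened pattern: invalidate the pre-authentication session and bind
        the user to a freshly generated, unpredictable ID."""
        if sid not in self.sessions:
            raise KeyError("unknown session")
        del self.sessions[sid]
        new_sid = secrets.token_urlsafe(32)
        self.sessions[new_sid] = user
        return new_sid

    def user_for(self, sid):
        return self.sessions.get(sid)


def fixation_check(regenerate):
    """Report whether an ID known before authentication still resolves to the
    user afterwards (preset_id_works=True means the store is open to fixation)
    and whether the ID handed back by login works (it always should)."""
    store = SessionStore()
    preset = store.new_anonymous()
    login = store.login_fixed if regenerate else store.login_vulnerable
    issued = login(preset, "alice")
    return {
        "preset_id_works": store.user_for(preset) == "alice",
        "issued_id_works": store.user_for(issued) == "alice",
    }
```

With `regenerate=False` the pre-authentication ID keeps working after login, which is the condition this CVE describes; with `regenerate=True` it is dead and only the newly issued ID is valid.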

Business impact

With a CVSS score of 8.8, this flaw represents a major threat to user account security. Successful exploitation allows for complete account takeover, enabling attackers to access sensitive corporate data, perform unauthorized transactions, and impersonate legitimate users within the Agentis platform.

Remediation

Immediate Action: Upgrade Agentis to version 4.44 or later, which addresses the session management flaw.

Proactive Monitoring: Monitor for anomalous session activity, such as a single session ID being used from multiple IP addresses or logins from unexpected geographic locations.

Compensating Controls: Enforce short session timeouts and require re-authentication for sensitive actions to limit the window of opportunity for an attacker holding a hijacked session.

Exploitation status

Public Exploit Available: true

Analyst recommendation

Session fixation is a critical security oversight that undermines the entire authentication process. Organizations should prioritize updating to version 4.44 to ensure session tokens are securely handled and regenerated upon authentication.