CVE-2026-42869

SOCFortress · CoPilot

SOCFortress CoPilot uses a hardcoded JWT signing secret, allowing unauthenticated attackers to forge administrative tokens.

Executive summary

An unauthenticated attacker can gain full control of the SOCFortress CoPilot platform by forging administrative JWT tokens using a publicly known hardcoded secret.

Vulnerability

The JWT signing secret is hardcoded in backend/app/auth/utils.py. Because the value ships with the source, anyone who can read it can sign arbitrary tokens, including tokens carrying administrative claims, and the backend accepts them as genuine. No credentials or prior access are required, so the flaw bypasses authentication entirely.

Business impact

This vulnerability allows for complete, unauthorized control over the application and every security tool it manages. With a 10.0 CVSS score, this is a critical failure that enables total system takeover and potential lateral movement within the security infrastructure.

Remediation

Immediate Action: Upgrade to CoPilot version 0.1.57 or later and rotate the JWT signing secret immediately. The replacement must be a randomly generated value supplied through configuration or the environment, never committed to source; note that rotation invalidates every token issued under the old secret, so all users will need to sign in again.

Proactive Monitoring: Review authentication and audit logs for administrative activity by accounts that do not exist in the user store, and for tokens whose claims do not match any recorded login (for example, an administrative subject or issued-at time with no corresponding login event). Forged tokens are never issued by the server, so this mismatch is the primary signal.

Compensating Controls: If immediate patching is not possible, ensure the instance is not reachable from the internet and restrict access to trusted network segments (for example, a management network or VPN). This only limits who can reach the endpoint; it does not remove the flaw.
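To make the vulnerability and the remediation concrete, the following is an added example, not code from SOCFortress CoPilot or from the advisory. It implements a minimal HS256 JWT issuer and verifier with the standard library, shows how a static secret known to the attacker lets them mint an administrative token without ever logging in, and then shows the hardened pattern: the secret is loaded from the environment, rejected if it is missing, too short or equal to the old default, and rotation causes forged (and pre-rotation) tokens to fail verification. The secret value, the JWT_SECRET variable name, the claim names and the helper names are all assumptions for illustration.

```python
"""Added example (not SOCFortress CoPilot's code): why a hardcoded HS256
secret lets anyone mint admin tokens, and the hardened pattern of loading
a rotated secret from the environment. Standard library only. The secret
value, environment variable name and claim names are assumptions."""
import base64
import hashlib
import hmac
import json
import os
import time
from typing import Optional

# Constructed placeholder standing in for any secret baked into source;
# it is not the real value from the advisory.
HARDCODED_SECRET = "insecure-static-secret-placeholder"


def _b64(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def _unb64(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def sign_hs256(claims: dict, secret: str) -> str:
    """Minimal HS256 JWT issuer: b64url(header).b64url(payload).b64url(HMAC)."""
    header = _b64(b'{"alg":"HS256","typ":"JWT"}')
    payload = _b64(json.dumps(claims, separators=(",", ":")).encode())
    mac = hmac.new(secret.encode(), f"{header}.{payload}".encode(), hashlib.sha256).digest()
    return f"{header}.{payload}.{_b64(mac)}"


def verify_hs256(token: str, secret: str, now: Optional[int] = None) -> Optional[dict]:
    """Return the claims if the signature is valid and the token is unexpired, else None.
    The algorithm is pinned to HS256 so an unsigned 'alg: none' token is rejected."""
    parts = token.split(".")
    if len(parts) != 3:
        return None
    header_b64, payload_b64, sig_b64 = parts
    try:
        header = json.loads(_unb64(header_b64))
        if header.get("alg") != "HS256":
            return None
        expected = hmac.new(secret.encode(), f"{header_b64}.{payload_b64}".encode(),
                            hashlib.sha256).digest()
        if not hmac.compare_digest(expected, _unb64(sig_b64)):
            return None
        claims = json.loads(_unb64(payload_b64))
    except (ValueError, UnicodeDecodeError):
        return None
    now = int(time.time()) if now is None else now
    if not isinstance(claims.get("exp"), int) or claims["exp"] <= now:
        return None
    return claims


# --- Vulnerable pattern: the backend verifies with a constant from source. ---
def vulnerable_verify(token: str, now: Optional[int] = None) -> Optional[dict]:
    return verify_hs256(token, HARDCODED_SECRET, now)


def forge_admin_token(now: int) -> str:
    """What an attacker does once the constant is public: sign their own admin token.
    No credentials, no login and no request to the server are needed."""
    claims = {"sub": "attacker", "scopes": ["admin"], "iat": now, "exp": now + 3600}
    return sign_hs256(claims, HARDCODED_SECRET)


def alg_none_token(claims: dict) -> str:
    """A second forgery attempt, unsigned with alg=none; a correct verifier rejects it."""
    header = _b64(b'{"alg":"none","typ":"JWT"}')
    return header + "." + _b64(json.dumps(claims).encode()) + "."


# --- Hardened pattern: the secret comes from the environment and is rotated. ---
def load_secret(env=os.environ) -> str:
    """JWT_SECRET is an assumed variable name. Refuse to start with no secret,
    a short one (RFC 7518 requires at least 256 bits for HS256) or the old default."""
    secret = env.get("JWT_SECRET", "")
    if len(secret) < 32 or secret == HARDCODED_SECRET:
        raise RuntimeError("JWT_SECRET missing, shorter than 32 bytes, or equal to the known default")
    return secret


def demo(now: int = 1_700_000_000) -> dict:
    """Walk through exploit, rotation and the post-rotation checks; returns the outcomes."""
    forged = forge_admin_token(now)
    # Rotated secret: in production generate it once (e.g. `openssl rand -hex 32`)
    # and inject it through the environment; a constructed value is used here.
    rotated = load_secret({"JWT_SECRET": "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934c"})
    legit = sign_hs256({"sub": "alice", "scopes": ["analyst"], "iat": now, "exp": now + 900}, rotated)
    return {
        "forged_accepted_by_vulnerable": vulnerable_verify(forged, now) is not None,
        "forged_accepted_after_rotation": verify_hs256(forged, rotated, now) is not None,
        "alg_none_accepted": verify_hs256(alg_none_token({"sub": "x", "exp": now + 60}), rotated, now) is not None,
        "legit_accepted": verify_hs256(legit, rotated, now) is not None,
        "legit_accepted_after_expiry": verify_hs256(legit, rotated, now + 901) is not None,
    }


if __name__ == "__main__":
    for check, outcome in demo().items():
        print(f"{check}: {outcome}")
```

Running the block prints one line per check: the forged admin token is accepted by the vulnerable verifier and rejected once the secret is rotated, the unsigned alg=none variant is rejected, and a legitimately issued token is accepted until it expires. The startup check in load_secret is the part worth carrying into a real deployment: a service that refuses to boot with the old default cannot silently regress to the vulnerable state.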

Exploitation status

Public Exploit Available: false

Analyst recommendation

This vulnerability represents the highest level of risk. Administrators must update to the latest version immediately and perform a mandatory rotation of all authentication secrets to ensure the integrity of the platform.