CVE-2025-63387: n/a
Dify v1.9.1 is vulnerable to Insecure Permissions. An unauthenticated attacker can directly send HTTP GET requests to the /console/api/system-features endpoint without any authentication credentials or session tokens. The endpoint fails to implement proper authorization checks, allowing anonymous access to sensitive system configuration data. NOTE: The maintainer states that the endpoint is unauthenticated by design and serves as a bootstrap mechanism required for the dashboard initialization. They also state that the description inaccurately classifies the returned data as sensitive system configuration, stating that the data is non-sensitive and required for client-side rendering. No PII, credentials, or secrets are exposed.
AI Analysis
Technical Summary
CVE-2025-63387 identifies an insecure permissions vulnerability in Dify version 1.9.1. The vulnerability resides in the /console/api/system-features HTTP GET endpoint, which lacks proper authorization controls. This allows unauthenticated attackers to send requests directly to this endpoint and retrieve sensitive system configuration data without needing any credentials or session tokens. The vulnerability is categorized under CWE-284 (Improper Access Control). The CVSS v3.1 base score is 7.5, reflecting a high severity due to the vulnerability's network accessibility (AV:N), low attack complexity (AC:L), no privileges required (PR:N), and no user interaction needed (UI:N). The impact affects confidentiality (C:H) but does not affect integrity (I:N) or availability (A:N). Although no patches or known exploits are currently reported, the exposure of sensitive configuration data could facilitate further attacks or reconnaissance by adversaries. The vulnerability was reserved in late October 2025 and published in mid-December 2025, indicating recent discovery and disclosure. The lack of authentication and authorization checks on a sensitive API endpoint represents a critical security oversight in Dify's access control mechanisms.
Potential Impact
For European organizations, this vulnerability poses a significant risk to the confidentiality of system configuration data managed via Dify v1.9.1. Exposure of such data could lead to unauthorized disclosure of internal system details, potentially aiding attackers in crafting targeted attacks or lateral movement within networks. Sectors such as finance, healthcare, critical infrastructure, and government agencies that rely on Dify for system management could face increased risk of data breaches or espionage. The vulnerability does not directly impact system integrity or availability, but the confidentiality breach alone can have severe regulatory and reputational consequences under GDPR and other data protection laws. Additionally, the ease of exploitation without authentication means attackers can probe vulnerable systems remotely, increasing the attack surface. Organizations with internet-facing instances of Dify are particularly vulnerable. The absence of known exploits in the wild suggests a window of opportunity for proactive mitigation before active exploitation occurs.
Mitigation Recommendations
European organizations should immediately audit their use of Dify software to identify instances of version 1.9.1 or earlier. Network-level controls should be implemented to restrict access to the /console/api/system-features endpoint, ideally limiting it to trusted internal IP addresses or VPN users only. Application-level mitigation requires applying proper authorization checks to ensure only authenticated and authorized users can access sensitive API endpoints. If patches become available, organizations must prioritize timely deployment. In the absence of patches, consider deploying Web Application Firewalls (WAFs) with custom rules to block unauthenticated requests to the vulnerable endpoint. Continuous monitoring and logging of access to this endpoint should be enabled to detect and respond to suspicious activity promptly. Security teams should also conduct penetration testing to verify the effectiveness of mitigations. Finally, raising user awareness and updating incident response plans to include this vulnerability will enhance preparedness.
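Added example, not part of the original page or of Dify's own code: a small Python checker for the monitoring step above that scans access-log lines for GET requests to /console/api/system-features from outside an assumed allowlist of trusted ranges and reports each hit. Because the maintainer's note says the endpoint is needed for dashboard bootstrap, it alerts rather than blocks; the CIDRs and log lines are constructed for the example.

```python
# Flag hits on the Dify bootstrap endpoint from outside trusted networks.
import ipaddress
import re

ENDPOINT = "/console/api/system-features"

# Constructed allowlist (assumption): internal office range plus VPN pool.
TRUSTED_NETWORKS = [ipaddress.ip_network("10.0.0.0/8"),
                    ipaddress.ip_network("192.168.100.0/24")]

# Combined log format: ip ident user [time] "method path proto" status ...
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) ')

def is_trusted(ip_text):
    ip = ipaddress.ip_address(ip_text)
    return any(ip in net for net in TRUSTED_NETWORKS)

def parse_line(line):
    m = LOG_RE.match(line)
    return m.groupdict() if m else None

def find_untrusted_hits(lines):
    """Return (ip, time, status) for endpoint GETs from outside the allowlist."""
    hits = []
    for line in lines:
        rec = parse_line(line)
        if rec is None or rec["method"] != "GET":
            continue
        # Strip any query string so ?x=y variants of the path are still matched.
        if rec["path"].split("?", 1)[0] != ENDPOINT:
            continue
        if not is_trusted(rec["ip"]):
            hits.append((rec["ip"], rec["time"], int(rec["status"])))
    return hits

# Constructed sample log lines (not real traffic).
SAMPLE_LOG = [
    '10.0.3.7 - - [18/Dec/2025:18:41:51 +0000] "GET /console/api/system-features HTTP/1.1" 200 812 "-" "Mozilla/5.0"',
    '203.0.113.45 - - [18/Dec/2025:18:42:03 +0000] "GET /console/api/system-features HTTP/1.1" 200 812 "-" "curl/8.4.0"',
    '203.0.113.45 - - [18/Dec/2025:18:42:04 +0000] "GET /console/api/system-features?x=1 HTTP/1.1" 200 812 "-" "curl/8.4.0"',
    '198.51.100.9 - - [18/Dec/2025:18:42:10 +0000] "GET /console/api/login HTTP/1.1" 200 311 "-" "Mozilla/5.0"',
    '192.168.100.12 - - [18/Dec/2025:18:43:00 +0000] "GET /console/api/system-features HTTP/1.1" 200 812 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    for ip, when, status in find_untrusted_hits(SAMPLE_LOG):
        print(f"ALERT untrusted source {ip} hit {ENDPOINT} at {when} (status {status})")
```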
Affected Countries
Germany, France, United Kingdom, Netherlands, Italy, Spain, Sweden
Technical Details
- Data Version: 5.2
- Assigner Short Name: mitre
- Date Reserved: 2025-10-27T00:00:00.000Z
- CVSS Version: null
- State: PUBLISHED
Threat ID: 69444aef4eb3efac36a086c2
Added to database: 12/18/2025, 6:41:51 PM
Last enriched: 1/22/2026, 7:14:28 PM
Last updated: 2/6/2026, 3:33:36 PM