CVE-2026-3432
Received Received - Intake
Authorization Bypass in SimStudio OAuth Endpoint Enables Token Theft

Publication date: 2026-03-02

Last updated on: 2026-03-06

Assigner: Tenable Network Security, Inc.

Description
On SimStudio version below to 0.5.74, the `/api/auth/oauth/token` endpoint contains a code path that bypasses all authorization checks when provided with `credentialAccountUserId` and `providerId` parameters. An unauthenticated attacker can retrieve OAuth access tokens for any user by supplying their user ID and a provider name, effectively stealing credentials to third-party services.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-03-02
Last Modified
2026-03-06
Generated
2026-06-16
AI Q&A
2026-03-02
EPSS Evaluated
2026-06-15
NVD
CVE-2026-3432
EUVD
EUVD-2026-9173
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
sim sim to 0.5.74 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-862 The product does not perform an authorization check when an actor attempts to access a resource or perform an action.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

[{'type': 'paragraph', 'content': 'CVE-2026-3432 is a critical security vulnerability in Sim Studio AI versions prior to 0.5.74. It exists in the `/api/auth/oauth/token` endpoint, where a specific code path bypasses all authorization checks if the parameters `credentialAccountUserId` and `providerId` are provided.'}, {'type': 'paragraph', 'content': "This flaw allows an unauthenticated attacker to supply any user's ID and a provider name to retrieve OAuth access tokens for that user without needing to authenticate. Essentially, the attacker can steal OAuth tokens and gain unauthorized access to third-party services linked to those tokens."}] [1]

Impact Analysis

This vulnerability can have severe impacts because it allows attackers to remotely obtain OAuth access tokens for any user without authentication or user interaction.

  • Attackers can impersonate users and access third-party services linked to the stolen tokens.
  • Confidentiality and integrity of user credentials and linked services are compromised.
  • Unauthorized access can lead to data breaches, service misuse, and potential further exploitation of connected systems.
Compliance Impact

I don't know

Detection Guidance

I don't know

Mitigation Strategies

To mitigate this vulnerability, users of Sim Studio AI should upgrade their software to version 0.5.74 or later, as this version contains the fix for the issue.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-3432. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart