
OpenAEV is an open source platform allowing organizations to plan, schedule and conduct cyber adversary simulation campaigns and tests. Starting in version 1.0.0…

Published:

19 April 2026 at 22:00:00

Alert date:

20 April 2026 at 17:02:28

Source:

nvd.nist.gov


Identity & Access, Security Tools

OpenAEV versions 1.0.0 to 2.0.12 contain critical password reset vulnerabilities that enable account takeover. Password reset tokens never expire and are only 8 digits long, allowing attackers to accumulate valid tokens over time and brute-force them efficiently. Attackers can generate thousands of valid tokens and brute-force them in approximately 500 seconds at 100 requests per second. The vulnerability affects all registered user accounts including administrators and can lead to full platform compromise. Email addresses are exposed by design, making any registered account vulnerable. Successful exploitation allows access to sensitive simulation data and modification of payloads on deployed agents.
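The two properties the advisory singles out, a token space of only 10^8 values and tokens that never expire, combine into the brute-force estimate it quotes. The following is an added example and not code from OpenAEV: it computes that estimate for an assumed 2,000 accumulated live tokens (which reproduces the advisory's ~500 seconds at 100 requests per second), and shows a hardened reset-token issuer that a defender would expect instead, using a high-entropy token that is stored hashed, expires after a short TTL and can be redeemed only once.

```python
import hashlib
import hmac
import secrets
from dataclasses import dataclass

DIGIT_SPACE = 10 ** 8  # an 8-digit numeric token, as described in the advisory


def expected_guesses_until_hit(space: int, valid_tokens: int) -> float:
    """Expected random guesses before one live token is hit.

    Each guess succeeds with probability valid_tokens/space, so the expected
    number of guesses is the reciprocal. Without expiry, valid_tokens only
    grows as more resets are requested, which is the accumulation risk."""
    return space / valid_tokens


def expected_seconds(space: int, valid_tokens: int, requests_per_second: float) -> float:
    """Wall-clock estimate for a guesser limited to a given request rate."""
    return expected_guesses_until_hit(space, valid_tokens) / requests_per_second


@dataclass
class ResetRecord:
    token_hash: bytes      # only the hash is stored, so a database leak does not leak tokens
    expires_at: float      # absolute time (seconds), compared against the caller's clock
    used: bool = False


class ResetTokenStore:
    """Hardened issuer: ~256-bit random token, hashed at rest, short TTL, single use."""
    TTL_SECONDS = 15 * 60

    def __init__(self) -> None:
        self._records: dict[str, ResetRecord] = {}  # keyed by account e-mail (constructed)

    @staticmethod
    def _hash(token: str) -> bytes:
        return hashlib.sha256(token.encode()).digest()

    def issue(self, email: str, now: float) -> str:
        token = secrets.token_urlsafe(32)  # 256 bits of CSPRNG output, not 8 digits
        self._records[email] = ResetRecord(self._hash(token), now + self.TTL_SECONDS)
        return token  # deliver out of band; never stored in clear

    def redeem(self, email: str, token: str, now: float) -> bool:
        rec = self._records.get(email)
        if rec is None or rec.used or now > rec.expires_at:
            return False  # unknown, already used, or expired
        if not hmac.compare_digest(rec.token_hash, self._hash(token)):
            return False  # constant-time comparison against the stored hash
        rec.used = True   # invalidate after a single successful use
        return True
```

Issuing a new token for the same account replaces the previous record, so at most one token per account is ever live, which removes the accumulation the advisory describes.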

Technical details

Mitigation steps:

Affected products:

OpenAEV

Related links:

Related CVEs:

Related threat actors:

IOCs:

This article was created with the assistance of AI technology by Perceptive.

© 2025 by Perceptive Security. All rights reserved.

email: info@perceptivesecurity.com

This website displays information obtained from external sources; Perceptive accepts no responsibility for the accuracy, completeness or currency of this information.
