The National Cyber Emergency Response Team (CERT) has issued a critical alert about severe security flaws in a widely used workflow automation platform, warning that hackers could exploit the vulnerabilities to take full control of business systems, servers, and connected applications.

The flaws involve weaknesses in the platform’s security safeguards, allowing attackers to bypass protections and access sensitive information, including encryption keys that secure stored passwords. If exploited, hackers could decrypt credentials, infiltrate company apps, and maintain persistent access across business networks.

These vulnerabilities have been assigned a high-risk rating of 9.5 out of 10 and affect both cloud-hosted and on-premise deployments, especially systems exposed to the internet or offering public access. The CERT advisory urges organizations to update to patched versions immediately, tighten access controls, audit workflows, and rotate all stored passwords. Temporary measures, such as disabling vulnerable features, may reduce risk but cannot replace proper patching.

The advisory highlights that failing to act promptly could result in data breaches, unauthorized access to critical systems, and complete compromise of enterprise infrastructure. Companies are also advised to monitor their systems for unusual activity, unauthorized workflow changes, or suspicious connections, which may indicate attempted exploitation.