Impact
picklescan versions prior to 0.0.30 do not detect the doctest.debug_script function when analyzing pickle files, which permits attackers to embed this function within a malicious pickle. When a user processes the crafted pickle with pickle.load, the doctest.debug_script call executes arbitrary code in the current process. The flaw is a serialization deserialization vulnerability (CWE-502) that could lead to complete compromise of the host running the scan or who loads the pickle.
Affected Systems
The vulnerability affects the"picklescan" tool distributed by mmaitre314. Any installations of picklescan older than version 0.0.30 are potentially exploitable. No other versions or related products are listed as affected.
Risk and Exploitability
The CVSS score of 7.6 indicates a high severity attack with confidentiality, integrity, and availability impacts. The EPSS score is not available, but the lack of a KEV listing does not preclude exploitation. The likely attack vector is remote: an attacker can deliver a malicious pickle file over the network, via email attachment, or any file transfer mechanism, and the victim will execute code when the file is scanned or loaded. The vulnerability does not require user interaction beyond running picklescan against a malicious file, making it convenient for automation by threat actors.
OpenCVE Enrichment