External risk intelligence

Python jsonpickle allows attackers to run any command on your systems.

CVE advisorySeverity: CRITICAL (CVSS 9.3)

CVE-2021-47952

The Python jsonpickle library contains a security flaw that an external attacker could exploit to gain full control of affected systems. By sending malicious data to an application using this library, they can remotely run unauthorized commands, which could result in a complete server compromise.

3Halo Surface Signal

Code Injection

External exposure likelihood

Halo Surface Signal score for CVE-2021-47952

The vulnerability resides in a general-purpose Python library, not a standalone service or appliance. It is frequently used within web applications to deserialize JSON input. Because its exposure depends entirely on how the library is integrated into specific application endpoints, it is plausibly reachable from the internet, but not inherently public-facing by design.

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Horizon Alert

Summary of the vulnerability and why it matters

This vulnerability in the python jsonpickle library allows attackers to run arbitrary Python code on your systems. By sending specially crafted JSON data, an attacker can exploit how the library deserializes certain objects to execute commands. This is a serious concern because it can lead to a complete compromise of the affected systems.

  • Remote code execution is possible.
  • Requires no authentication to exploit.
  • Impacts systems processing JSON input.

Attack Path

How an attacker could exploit the issue

An attacker can exploit this flaw by sending a specially crafted JSON payload to an application that uses `python jsonpickle` to deserialize data. This payload leverages `py/repr` objects to execute arbitrary Python code on the server-side during the deserialization process, leading to remote code execution.

  • Attacker sends malicious JSON.
  • Targets applications deserializing JSON.
  • Requires vulnerable library version.

Live Threat

Current exploitation, exposure, and threat context

Attackers will likely target this deserialization vulnerability because it allows remote code execution without authentication. Exploiting it involves crafting specific JSON payloads that trigger arbitrary Python command execution during data processing. The ease of triggering this flaw makes it attractive for broad attacks.

  • Public exploit available.
  • KEV listing is absent.
  • Recent exploitation signals are not observed.

Priority actions

Operational Fix

Recommended remediation, mitigation, and detection steps

Prioritize reviewing logs and telemetry for signs of deserializing malicious JSON payloads with `py/repr`. Block any identified malicious traffic and inventory all assets using `jsonpickle` version 2.0.0.

  • Update `jsonpickle` to a fixed version.
  • Restrict deserialization of untrusted input.
  • Monitor for unexpected code execution.

Frequently asked questions

What is python jsonpickle and what is it used for?

Python jsonpickle is a library that allows developers to serialize and deserialize arbitrary Python objects to and from JSON format. It's used for saving and loading complex Python data structures that standard JSON encoders cannot handle, often in applications that need to exchange data or persist state.

What is the weakness class for CVE-2021-47952?

CVE-2021-47952 is a remote code execution vulnerability classified as CWE-94, which is 'Improper Control of Generation of Code ('Code Injection')'. This means the software improperly generates or handles code, allowing an attacker to inject and execute their own commands.

How can an attacker exploit CVE-2021-47952?

An attacker can exploit this vulnerability by sending a specially crafted JSON payload containing `py/repr` objects to an application using an affected version of jsonpickle. This payload tricks the library into executing arbitrary Python code during the deserialization process, even without authentication.

Who should be concerned about this CVE based on its Halo Surface Signal?

Organizations should be concerned if they use python jsonpickle within internet-facing applications that deserialize JSON input. While not inherently public-facing, its common use in web applications means it could be reached from the internet, posing a potential risk.

What is the first step to address this vulnerability?

The immediate first step is to identify all systems and applications that use the jsonpickle library, specifically version 2.0.0. Updating the jsonpickle library to a version that includes the fix for CVE-2021-47952 is the primary remediation action.

References

Sources and related resources

Primary sources: NVD, CVE.org.

NVDPublished Modified