External risk intelligence

DiskCache Pickle Deserialization Leads to Code Execution

CVE advisorySeverity: CRITICAL (CVSS 9.8)

CVE-2025-69872

This vulnerability exists in a Python library used for local disk-based caching. It requires an attacker to have write access to the local cache directory to manipulate serialized data. It is a local, library-level component rather than a network-facing service, and is not designed for direct exposure to the public internet.

Code Injection

Halo Surface Signal: 1 out of 5 — much less likely to be public-facing.

External exposure likelihood

Horizon Alert

Summary of the vulnerability and why it matters

The DiskCache library, a component used for caching data, has a critical vulnerability related to how it handles serialized data. If an attacker can write to the cache directory, they could potentially execute arbitrary code when the application reads from that cache. The main concern is confirming if your organization uses this specific library and if it's exposed to such a risk.

  • Code execution risk via cache manipulation.
  • Potential for unauthorized code execution.
  • Confirm library use and exposure.

Attack Path

How an attacker could exploit the issue

An attacker could achieve arbitrary code execution by writing malicious data to a cache directory. When a trusted application later reads this compromised cache, the vulnerable component deserializes the data, leading to the execution of attacker-controlled code.

  • Attacker needs write access to cache.
  • Triggered when application reads cache.
  • Results in arbitrary code execution.

Live Threat

Current exploitation, exposure, and threat context

When an attacker has write access to the cache directory, applications that use the DiskCache library with default settings could execute arbitrary code when reading from the cache. This could impact the confidentiality, integrity, and availability of the application.

  • Application code and behavior.
  • Writing malicious cache files.
  • Arbitrary code execution.

Operational Fix

Recommended remediation, mitigation, and detection steps

This vulnerability in DiskCache's default use of Python pickle for serialization requires an attacker with write access to the cache directory to achieve arbitrary code execution when an application reads from the cache. Given that this is a library-level component, application owners and platform teams are likely responsible for identifying its use, confirming reachability and criticality, and then planning remediation. The first practical step involves locating all instances of the affected technology, assessing their exposure, and engaging the appropriate teams for risk-based mitigation.

  • Application owners, platform teams responsible.
  • Verify cache directory write access.
  • Plan remediation based on risk.

Supplementary metadata

Validate whether this threat affects your internet-facing exposure.

Halo Threat Intelligence helps prioritize remediation with Halo Surface Signal and H/A/L/O context. Start exposure validation with a free external attack surface trial.

Frequently asked questions

What is the python-diskcache library used for?

DiskCache is a Python library designed to provide a persistent, disk-based cache for applications. Developers use it to store data on local storage to improve performance by reducing the need to recompute or re-fetch information. It operates as a library-level component rather than a standalone network service, acting as a bridge between the application logic and the underlying file system to manage data retrieval efficiently.

How does CVE-2025-69872 enable code execution?

This vulnerability is classified as Deserialization of Untrusted Data (CWE-502) and Improper Control of Generation of Code (CWE-94). The library uses Python's pickle module for serialization by default. Pickle is inherently unsafe when handling untrusted input. If a malicious file is placed into the cache directory, the library will deserialize it, inadvertently executing arbitrary commands embedded in that file when the application attempts to read the cache.

Does reading from a read-only cache trigger this bug?

No. The vulnerability specifically requires the attacker to have write access to the directory where the cache files are stored. The bug is triggered only when the application processes a malicious file that has been injected into that specific location. If the cache storage location is restricted to read-only access for the application and the environment, the specific mechanism required for this attack path remains blocked.

Is my application at risk according to Halo Surface Signal?

Halo Surface Signal identifies this as 'Very unlikely' for direct internet-based exploitation. Because DiskCache is a local library component rather than a public-facing service, it is not typically exposed directly to the internet. Risk is primarily localized to environments where an attacker can already modify files on the system hosting your application's cache directory.

What is the first step to address this CVE?

Begin by identifying all applications in your environment that utilize the DiskCache library. Since this is a library dependency, it may be bundled within your custom application code. Once mapped, assess which systems have cache directories accessible to unauthorized users or processes. Prioritize securing these directories and consult your development teams to determine if the library's serialization methods can be updated or replaced to avoid using pickle.

References