CVE-2024-25723
📋 TL;DR
This vulnerability in ZenML Server allows remote attackers to escalate privileges by activating user accounts with only a valid username and new password via the /api/v1/users/{user_name_or_id}/activate endpoint. It affects all ZenML deployments running vulnerable versions, particularly those exposed to untrusted networks. The flaw enables unauthorized account activation and potential administrative access.
💻 Affected Systems
- ZenML Server
📦 What is this software?
Zenml by Zenml
Zenml by Zenml
Zenml by Zenml
Zenml by Zenml
⚠️ Risk & Real-World Impact
Worst Case
Remote attacker gains administrative control over the ZenML Server, potentially compromising the entire ML pipeline, stealing sensitive data, and deploying malicious models.
Likely Case
Unauthorized user activation leading to privilege escalation, data exfiltration, and unauthorized access to ML workflows and artifacts.
If Mitigated
Limited impact with proper network segmentation and authentication controls, though the vulnerability still exists in the codebase.
🎯 Exploit Status
Exploitation requires knowledge of a valid username but no authentication, making it relatively straightforward for attackers with some reconnaissance.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 0.42.2, 0.43.1, 0.44.4, or 0.46.7
Vendor Advisory: https://www.zenml.io/blog/critical-security-update-for-zenml-users
Restart Required: Yes
Instructions:
1. Check current ZenML version with 'zenml version'. 2. Upgrade to patched version: 'pip install --upgrade zenml==0.46.7' (or appropriate version). 3. Restart ZenML Server services.
🔧 Temporary Workarounds
Disable vulnerable endpoint
allTemporarily block access to the /api/v1/users/{user_name_or_id}/activate endpoint via web server configuration or firewall rules.
Example for nginx: location ~ ^/api/v1/users/.*/activate$ { deny all; }
Network isolation
linuxRestrict ZenML Server access to trusted IP addresses only using firewall rules.
Example for iptables: iptables -A INPUT -p tcp --dport 8080 -s TRUSTED_IP -j ACCEPT
iptables -A INPUT -p tcp --dport 8080 -j DROP
🧯 If You Can't Patch
- Implement strict network access controls to limit ZenML Server exposure
- Enable comprehensive logging and monitoring for suspicious activation attempts
🔍 How to Verify
Check if Vulnerable:
Check ZenML version: 'zenml version' or 'pip show zenml'. If version is before 0.42.2, 0.43.1, 0.44.4, or 0.46.7, system is vulnerable.Check Version:
zenml versionVerify Fix Applied:
After upgrade, verify version is 0.42.2, 0.43.1, 0.44.4, or 0.46.7+ with 'zenml version'. Test that user activation requires proper authentication.📡 Detection & Monitoring
Log Indicators:
- Unusual POST requests to /api/v1/users/*/activate endpoint
- User activation events from unexpected IP addresses
- Failed authentication attempts followed by activation requests
Network Indicators:
- HTTP POST requests to user activation endpoints without proper authentication headers
- Traffic patterns suggesting privilege escalation attempts
SIEM Query:
source="zenml-server" AND (url_path="/api/v1/users/*/activate" OR message="user activation")🔗 References
- https://github.com/zenml-io/zenml
- https://github.com/zenml-io/zenml/compare/0.42.1...0.42.2
- https://github.com/zenml-io/zenml/compare/0.43.0...0.43.1
- https://github.com/zenml-io/zenml/compare/0.44.3...0.44.4
- https://www.zenml.io/blog/critical-security-update-for-zenml-users
- https://github.com/zenml-io/zenml
- https://github.com/zenml-io/zenml/compare/0.42.1...0.42.2
- https://github.com/zenml-io/zenml/compare/0.43.0...0.43.1
- https://github.com/zenml-io/zenml/compare/0.44.3...0.44.4
- https://www.zenml.io/blog/critical-security-update-for-zenml-users
