CVE-2025-1403 – This vulnerability allows remote attackers to c... (How to Fix)

📋 TL;DR

This vulnerability allows remote attackers to cause denial of service by sending maliciously crafted QPY files to Qiskit applications. The malformed symengine serialization stream triggers a segmentation fault in the symengine library, crashing the application. This affects all users running vulnerable Qiskit SDK versions that process QPY files from untrusted sources.

💻 Affected Systems

Products:

Qiskit SDK

Versions: 0.45.0 through 1.2.4

Operating Systems: All platforms running Python

Default Config Vulnerable: ⚠️ Yes

Notes: Only vulnerable when processing QPY files from untrusted sources. Systems that don't use QPY file functionality may not be affected.

📦 What is this software?

Qiskit by Ibm

View all CVEs affecting Qiskit →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete service disruption through application crashes, potentially affecting quantum computing workflows and dependent systems.

🟠

Likely Case

Intermittent application crashes when processing malicious QPY files, leading to service interruptions and data loss in active quantum computing sessions.

🟢

If Mitigated

Minimal impact with proper input validation and file source restrictions in place.

🌐 Internet-Facing: MEDIUM

🏢 Internal Only: LOW

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ✅ No

Complexity: MEDIUM

Exploitation requires crafting a malicious QPY file and getting it processed by a vulnerable Qiskit application. No authentication bypass is needed if the application accepts external QPY files.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Qiskit 1.2.5 or later

Vendor Advisory: https://www.ibm.com/support/pages/node/7183868

Restart Required: No

Instructions:

1. Update Qiskit using pip: pip install --upgrade qiskit>=1.2.5
2. Verify the update completed successfully
3. No restart required as this is a Python library update

🔧 Temporary Workarounds

Restrict QPY file sources

all

Only allow QPY files from trusted, verified sources. Implement input validation for QPY files.

Disable QPY file processing

all

If QPY functionality is not required, disable or restrict QPY file processing in the application.

🧯 If You Can't Patch

Implement strict input validation for all QPY files, rejecting malformed or suspicious files
Isolate Qiskit applications in containers or sandboxes to limit crash impact
Monitor for application crashes and segfaults in system logs

🔍 How to Verify

Check if Vulnerable:

Check Qiskit version: python -c "import qiskit; print(qiskit.__version__)" - if version is between 0.45.0 and 1.2.4 inclusive, system is vulnerable.

Check Version:

python -c "import qiskit; print(qiskit.__version__)"

Verify Fix Applied:

After updating, verify version is 1.2.5 or higher using the same command.

📡 Detection & Monitoring

Log Indicators:

Segmentation fault errors in application logs
Unexpected Qiskit application crashes
Error messages related to symengine or QPY parsing

Network Indicators:

Unusual QPY file uploads to quantum computing services
Multiple failed QPY processing attempts

SIEM Query:

source="application.logs" AND ("segmentation fault" OR "segfault" OR "qiskit crash" OR "symengine error")

📊 Metadata

CVE ID: CVE-2025-1403

CVSS v3 Score: 8.6 (HIGH)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

CWE: CWE-502

EPSS Score: 0.37% exploit probability (58.4th percentile)

Published: February 21, 2025

Last Updated: September 30, 2025

🔗 References

https://www.ibm.com/support/pages/node/7183868 Vendor Advisory

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2025-1403, you might also want to check these: