CVE-2025-24794
📋 TL;DR
The Snowflake Connector for Python uses pickle for OCSP response cache serialization, allowing local attackers to execute arbitrary code via cache poisoning. This affects Python applications using vulnerable connector versions 2.7.12 through 3.13.0 to connect to Snowflake databases.
💻 Affected Systems
- Snowflake Connector for Python
📦 What is this software?
⚠️ Risk & Real-World Impact
Worst Case
Local privilege escalation leading to complete system compromise, data exfiltration, or lateral movement within the environment.
Likely Case
Local user gains elevated privileges on systems running vulnerable Snowflake connector applications, potentially accessing sensitive data or disrupting operations.
If Mitigated
Limited impact with proper access controls and monitoring, though local code execution remains possible.
🎯 Exploit Status
Exploitation requires local access to the system and the ability to write to the OCSP response cache files. The vendor advisory describes the root cause as insecure deserialization: the cache is loaded with pickle, so a poisoned cache file executes code in the connector's process.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 3.13.1
Vendor Advisory: https://github.com/snowflakedb/snowflake-connector-python/security/advisories/GHSA-m4f6-vcj4-w5mx
Restart Required: Yes
Instructions:
1. Update Snowflake Connector for Python to version 3.13.1 or later using pip: 'pip install --upgrade "snowflake-connector-python>=3.13.1"' (the double quotes stop the shell from treating '>=' as a redirection).
2. Restart all Python applications using the connector.
3. Verify the update was successful.
🔧 Temporary Workarounds
Disable OCSP caching
Platform: all
Disable OCSP response caching to remove the pickle deserialization attack surface.
Set environment variable: SNOWFLAKE_OCSP_RESPONSE_CACHE_DIR=''
Or configure in code: snowflake.connector.paramstyle='qmark' with ocsp_response_cache_dir=None
Restrict cache directory permissions
Platform: linux
Set strict file permissions on the OCSP cache directory to prevent unauthorized writes. The owner should be the account that runs the connector, so the application can still read and refresh the cache; any other user with write access can poison it.
chmod 700 ~/.cache/snowflake/ocsp_response_cache
chown root:root ~/.cache/snowflake/ocsp_response_cache
🧯 If You Can't Patch
- Implement strict access controls to limit local user privileges on systems running Snowflake connectors
- Monitor for suspicious activity on systems with vulnerable connectors and implement file integrity monitoring on OCSP cache directories
🔍 How to Verify
Check if Vulnerable:
Check installed version: 'pip show snowflake-connector-python' and verify if version is between 2.7.12 and 3.13.0 inclusive
Check Version:
python -c "import snowflake.connector; print(snowflake.connector.__version__)"
Verify Fix Applied:
Verify version is 3.13.1 or higher: 'pip show snowflake-connector-python | grep Version' should show 3.13.1+
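The version check and the permission check above can be combined into one script. The following is an added example written for this page; it is not part of the connector or of the vendor advisory. It assumes the affected range stated above (2.7.12 through 3.13.0 inclusive, fixed in 3.13.1), the cache path named in the workaround section (~/.cache/snowflake/ocsp_response_cache), and a POSIX host for the ownership check. The `mode`, `owner_uid` and `current_uid` parameters of `cache_exposure` are hypothetical hooks so the logic can be exercised without a real cache file.

```python
"""Check an installed snowflake-connector-python against the CVE-2025-24794
affected range and report whether the OCSP response cache can be written
by other local users.  Added example; not code from the connector project."""
import os
import stat
from importlib.metadata import PackageNotFoundError, version
from pathlib import Path

# Affected range from the advisory: 2.7.12 through 3.13.0 inclusive; fixed in 3.13.1.
FIRST_AFFECTED = (2, 7, 12)
LAST_AFFECTED = (3, 13, 0)
FIXED = (3, 13, 1)

# Cache location named in the advisory's workaround section (assumed default).
DEFAULT_CACHE = Path.home() / ".cache" / "snowflake" / "ocsp_response_cache"


def parse_version(text: str) -> tuple:
    """Turn '3.12.4' or '3.13.1rc2' into a comparable (major, minor, patch) tuple."""
    parts = []
    for piece in text.strip().split(".")[:3]:
        digits = ""
        for ch in piece:
            if not ch.isdigit():
                break
            digits += ch
        parts.append(int(digits or 0))
    while len(parts) < 3:
        parts.append(0)
    return tuple(parts)


def is_affected(version_text: str) -> bool:
    """True when the version lies inside the range the advisory names."""
    v = parse_version(version_text)
    return FIRST_AFFECTED <= v <= LAST_AFFECTED


def installed_version():
    """Version of the installed connector, or None when it is not installed."""
    try:
        return version("snowflake-connector-python")
    except PackageNotFoundError:
        return None


def cache_exposure(path, mode=None, owner_uid=None, current_uid=None) -> list:
    """List the ways another local user could tamper with the cache at `path`.

    `mode`, `owner_uid` and `current_uid` are hypothetical overrides used for
    testing; when omitted the function stat()s the real path."""
    if mode is None or owner_uid is None:
        try:
            st = Path(path).stat()
        except FileNotFoundError:
            return []  # no cache on disk, nothing to poison yet
        mode, owner_uid = st.st_mode, st.st_uid
    if current_uid is None:
        current_uid = os.getuid()
    findings = []
    if mode & stat.S_IWGRP:
        findings.append("group-writable")
    if mode & stat.S_IWOTH:
        findings.append("world-writable")
    if owner_uid != current_uid:
        findings.append("owned by uid %d, not the account running the connector" % owner_uid)
    return findings


if __name__ == "__main__":
    ver = installed_version()
    if ver is None:
        print("snowflake-connector-python is not installed")
    else:
        state = "AFFECTED" if is_affected(ver) else "not affected"
        print("installed %s: %s (fixed in %d.%d.%d)" % (ver, state, *FIXED))
    for finding in cache_exposure(DEFAULT_CACHE):
        print("cache %s: %s" % (DEFAULT_CACHE, finding))
```

Run it as the account that runs your Snowflake-connected application: an affected version, or any finding about the cache, means the workaround or the patch still needs to be applied on that host.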
📡 Detection & Monitoring
Log Indicators:
- Unusual file writes to OCSP cache directory
- Python processes with unexpected privilege escalation
- Errors related to pickle deserialization in application logs
Network Indicators:
- Unusual OCSP requests from systems running Snowflake connectors
SIEM Query:
Process creation events showing Python processes spawning with elevated privileges OR File modification events in ~/.cache/snowflake/ocsp_response_cache directory
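The three log indicators and the SIEM query above can be expressed as a small classifier. The following is an added example for this page, not a detection shipped by Snowflake or any SIEM vendor. The log lines are constructed, and their field layout (name=, op=WRITE, exe=, proctitle=, uid=, euid=) is an assumed audit-style format; adapt the regular expressions to whatever your collector actually emits.

```python
"""Classify audit/application log lines against the CVE-2025-24794 indicators:
writes to the OCSP cache, pickle deserialization errors, and Python processes
running with an effective uid of 0 that differs from their real uid.
Added example; the log format below is constructed, not a vendor format."""
import re

# Cache path named in the advisory, relative to the user's home directory.
CACHE_SUFFIX = "/.cache/snowflake/ocsp_response_cache"

RE_WRITE = re.compile(r'name="(?P<path>[^"]+)".*?op=WRITE.*?exe="(?P<exe>[^"]+)"')
RE_PICKLE = re.compile(r"UnpicklingError|_pickle|pickle\.loads")
RE_PROC = re.compile(r'proctitle="(?P<cmd>python[^"]*)".*?uid=(?P<uid>\d+) euid=(?P<euid>\d+)')

# Constructed sample input covering each indicator plus one benign line.
SAMPLE_LOGS = """\
2025-01-29T10:01:02 audit: type=PATH name="/home/alice/.cache/snowflake/ocsp_response_cache" nametype=NORMAL op=WRITE exe="/usr/bin/vim" uid=1002
2025-01-29T10:01:05 app: snowflake.connector.ocsp_snowflake: loading cache
2025-01-29T10:01:06 app: Traceback ... _pickle.UnpicklingError: invalid load key, 'x'.
2025-01-29T10:02:00 audit: type=PROCTITLE proctitle="python3 app.py" uid=1001 euid=0
2025-01-29T10:03:00 audit: type=PATH name="/home/alice/.cache/snowflake/ocsp_response_cache" op=WRITE exe="/usr/bin/python3" uid=1001
"""


def classify(line: str):
    """Return the indicator name a line matches, or None."""
    m = RE_WRITE.search(line)
    if m and m.group("path").endswith(CACHE_SUFFIX):
        # The connector itself refreshes the cache from a Python interpreter;
        # a write from any other executable is the cache-poisoning path.
        if "python" in m.group("exe"):
            return "cache_write"
        return "cache_write_foreign_process"
    if RE_PICKLE.search(line):
        return "pickle_error"
    m = RE_PROC.search(line)
    if m and m.group("euid") == "0" and m.group("uid") != "0":
        return "python_privilege"
    return None


def scan(text: str) -> list:
    """Run classify() over every line and return (indicator, line) pairs."""
    hits = []
    for line in text.splitlines():
        tag = classify(line)
        if tag:
            hits.append((tag, line))
    return hits


if __name__ == "__main__":
    for tag, line in scan(SAMPLE_LOGS):
        print("%-28s %s" % (tag, line))
```

`cache_write_foreign_process` is the alert that matters most: a write to the cache file by anything other than the application's own interpreter is exactly the precondition the advisory describes. `cache_write` from Python is expected traffic and is worth keeping only as a baseline, while `pickle_error` after such a write is the sign that a tampered cache was actually loaded.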