CVE-2025-50213
📋 TL;DR
This CVE describes a SQL injection vulnerability in Apache Airflow's Snowflake provider where unsanitized table and stage parameters in the CopyFromExternalStageToSnowflakeOperator could allow attackers to execute arbitrary SQL commands. It affects all Apache Airflow deployments using the Snowflake provider before version 6.4.0. The CVSS 9.8 score indicates critical severity with high potential impact.
💻 Affected Systems
- Apache Airflow Providers Snowflake
📦 What is this software?
⚠️ Risk & Real-World Impact
Worst Case
Complete compromise of the Snowflake database including data exfiltration, data destruction, privilege escalation, and potential lateral movement to connected systems.
Likely Case
Unauthorized data access, data manipulation, or data deletion within the Snowflake environment accessible through the vulnerable operator.
If Mitigated
Limited impact due to network segmentation, minimal Snowflake permissions, or other compensating controls restricting the operator's capabilities.
🎯 Exploit Status
Exploitation requires access to create or modify Airflow DAGs that use the vulnerable operator with attacker-controlled parameters.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 6.4.0
Vendor Advisory: https://lists.apache.org/thread/2kqfmyt2pghg5f6797g8hzvq331v8qx3
Restart Required: Yes
Instructions:
1. Update the Apache Airflow Providers Snowflake package to version 6.4.0 or later using pip (quote the specifier so the shell does not treat `>` as a redirection): pip install --upgrade "apache-airflow-providers-snowflake>=6.4.0"
2. Restart all Airflow services (webserver, scheduler, workers)
3. Verify the update was successful
🔧 Temporary Workarounds
Input Validation and Sanitization
Implement strict input validation and sanitization for all parameters passed to CopyFromExternalStageToSnowflakeOperator
Implement custom validation functions in DAG code to sanitize table and stage names before passing to operator
Restrict DAG Creation
Limit who can create or modify DAGs to trusted users only
Configure Airflow RBAC to restrict DAG creation/modification permissions
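As a worked example of the input-validation workaround, an allowlist validator for the table and stage names is added here; it is not code from the advisory or from the Airflow project. It assumes Snowflake's unquoted identifier rules (a letter or underscore, then letters, digits, underscore or dollar sign) with up to three dot-separated parts, and that the operator's stage argument is a bare stage name; if your DAGs pass double-quoted identifiers or a stage path, widen the allowlist deliberately rather than dropping it. The function names validate_identifier, is_safe_identifier and validated_copy_kwargs are this example's own.

```python
import re
from typing import Dict

# Allowlist for one part of a Snowflake unquoted identifier (assumption for this
# example): a letter or underscore, then letters, digits, underscores or dollar
# signs. Anything else, including quotes, spaces and semicolons, is rejected.
_IDENT_PART = re.compile(r"^[A-Za-z_][A-Za-z0-9_$]*$")


def validate_identifier(name: str, max_parts: int = 3, label: str = "identifier") -> str:
    """Return `name` unchanged if every dot-separated part is a plain Snowflake
    identifier; raise ValueError otherwise. `max_parts` allows db.schema.object
    style qualification."""
    if not isinstance(name, str) or not name:
        raise ValueError(f"{label} must be a non-empty string")
    parts = name.split(".")
    if len(parts) > max_parts:
        raise ValueError(f"{label} {name!r} has more than {max_parts} parts")
    for part in parts:
        if not _IDENT_PART.match(part):
            raise ValueError(
                f"{label} {name!r} contains characters outside the identifier allowlist"
            )
    return name


def is_safe_identifier(name: str, max_parts: int = 3) -> bool:
    """Boolean form of validate_identifier, for use in conditions and tests."""
    try:
        validate_identifier(name, max_parts)
        return True
    except ValueError:
        return False


def validated_copy_kwargs(table: str, stage: str, **extra: object) -> Dict[str, object]:
    """Build the keyword arguments for CopyFromExternalStageToSnowflakeOperator
    only after both names pass the allowlist. Other operator arguments are passed
    through untouched, so validation cannot be skipped by accident."""
    return {
        "table": validate_identifier(table, label="table"),
        "stage": validate_identifier(stage, label="stage"),
        **extra,
    }


if __name__ == "__main__":
    # Constructed sample values, not taken from any real deployment.
    print(validated_copy_kwargs("ANALYTICS.PUBLIC.EVENTS", "MY_S3_STAGE"))
    for candidate in ["EVENTS", "db.schema.t", "events; DROP TABLE other", "a.b.c.d", ""]:
        verdict = "ok" if is_safe_identifier(candidate) else "rejected"
        print(f"{candidate!r:32} -> {verdict}")
```

Call validated_copy_kwargs where the DAG constructs the operator. If the names come from a runtime source such as dag_run.conf or an Airflow Variable, run the same check at task execution time as well, because parse-time validation never sees the rendered value.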
🧯 If You Can't Patch
- Disable or remove all DAGs using CopyFromExternalStageToSnowflakeOperator
- Implement network segmentation to isolate Airflow from Snowflake and monitor all SQL queries
🔍 How to Verify
Check if Vulnerable:
Check the installed version of the apache-airflow-providers-snowflake package; any version below 6.4.0 is affected.
Check Version:
pip show apache-airflow-providers-snowflake | grep Version
Verify Fix Applied:
Confirm the reported version is 6.4.0 or higher and review DAGs to ensure proper parameter sanitization
📡 Detection & Monitoring
Log Indicators:
- Unusual SQL queries in Snowflake logs originating from Airflow
- Multiple failed login attempts or permission errors in Airflow logs
- Unexpected table or stage operations in Snowflake audit logs
Network Indicators:
- Unusual database connection patterns from Airflow to Snowflake
- Large data transfers from Snowflake to unexpected destinations
SIEM Query:
source="snowflake" AND (query CONTAINS "DROP" OR query CONTAINS "DELETE" OR query CONTAINS "UNION") AND user="AIRFLOW_USER"
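To make the SIEM query above concrete, the following added example (not part of the advisory) scans constructed Snowflake query-history records in JSON-lines form and applies the same indicators with two refinements: keyword matches are whole words, so column names like DELETED_ROWS do not fire, and any statement from the operator's user that is not a single COPY INTO, or that bundles several statements into one query text, is reported. It assumes a dedicated Snowflake user named AIRFLOW_USER for the operator, as the query does; the record field names ts, user and query and the sample lines are constructed for this example.

```python
import json
import re
from typing import Dict, Iterable, List

# Whole-word matches for the keywords in the advisory's SIEM query, so that
# column or table names such as DELETED_ROWS or UNION_ID do not trigger.
SUSPICIOUS = re.compile(r"\b(DROP|DELETE|UNION)\b", re.IGNORECASE)
# The only statement shape the COPY operator is expected to issue (assumption).
EXPECTED_COPY = re.compile(r"^\s*COPY\s+INTO\s+", re.IGNORECASE)
# Assumed dedicated Snowflake user for the operator, as in the SIEM query.
WATCHED_USER = "AIRFLOW_USER"

# Constructed query-history records (not from any real deployment), one JSON object per line.
SAMPLE_LOG = """
{"ts": "2025-06-01T10:00:00Z", "user": "AIRFLOW_USER", "query": "COPY INTO ANALYTICS.PUBLIC.EVENTS FROM @MY_S3_STAGE"}
{"ts": "2025-06-01T10:05:00Z", "user": "AIRFLOW_USER", "query": "COPY INTO EVENTS FROM @MY_S3_STAGE; DROP TABLE AUDIT_LOG"}
{"ts": "2025-06-01T10:07:00Z", "user": "ANALYST", "query": "SELECT * FROM EVENTS UNION SELECT * FROM OLD_EVENTS"}
{"ts": "2025-06-01T10:09:00Z", "user": "AIRFLOW_USER", "query": "SELECT COUNT(*) FROM DELETED_ROWS"}
"""


def parse_log(text: str) -> List[Dict[str, str]]:
    """Parse JSON-lines query history, skipping blank lines."""
    return [json.loads(line) for line in text.splitlines() if line.strip()]


def find_suspicious(records: Iterable[Dict[str, str]]) -> List[Dict[str, object]]:
    """Return the records issued by WATCHED_USER that match at least one
    indicator, each annotated with a 'reasons' list explaining the match."""
    hits: List[Dict[str, object]] = []
    for rec in records:
        if rec.get("user", "").upper() != WATCHED_USER:
            continue
        text = rec.get("query", "")
        reasons: List[str] = []
        match = SUSPICIOUS.search(text)
        if match:
            reasons.append(f"keyword {match.group(1).upper()}")
        if not EXPECTED_COPY.match(text):
            reasons.append("statement is not a COPY INTO")
        # A semicolon anywhere before the end means several statements were sent as one.
        if ";" in text.rstrip().rstrip(";"):
            reasons.append("multiple statements in one query text")
        if reasons:
            hits.append({**rec, "reasons": reasons})
    return hits


if __name__ == "__main__":
    for hit in find_suspicious(parse_log(SAMPLE_LOG)):
        print(hit["ts"], hit["query"])
        for reason in hit["reasons"]:
            print("   -", reason)
```

On the sample input the analyst's UNION query is ignored because it is not from the operator's user, the stacked COPY/DROP record is reported for both the keyword and the second statement, and the plain SELECT from AIRFLOW_USER is reported only because it is not a COPY INTO; tune the expected-statement rule to whatever else that user legitimately runs in your environment.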