CVE-2025-5175

5.3 MEDIUM

📋 TL;DR

CVE-2025-5175 is an improper authorization vulnerability in erdogant pypickle's Save function that allows local attackers to bypass intended access controls. This affects users of pypickle versions up to 1.1.5 who have the library installed and use its Save functionality. The vulnerability requires local access to exploit but could lead to unauthorized data manipulation.

💻 Affected Systems

Products:
  • erdogant pypickle
Versions: up to and including 1.1.5
Operating Systems: All operating systems running Python
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects systems where pypickle is installed and the Save function is used. Python applications using pypickle for serialization are vulnerable.

⚠️ Risk & Real-World Impact

🔴 Worst Case: Local attacker gains unauthorized write access to pickle files, potentially modifying or corrupting serialized data used by applications.

🟠 Likely Case: Malicious local user exploits the vulnerability to tamper with pickle files, affecting application data integrity.

🟢 If Mitigated: With proper access controls and monitoring, impact is limited to potential data integrity issues within the local environment.

🌐 Internet-Facing: LOW - Requires local access to exploit, not directly exploitable over network.
🏢 Internal Only: MEDIUM - Local attackers within the environment could exploit this to manipulate pickle files.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploit requires local access to the system. The vulnerability has been publicly disclosed with technical details available.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 2.0.0

Vendor Advisory: https://github.com/erdogant/pypickle/releases/tag/2.0.0

Restart Required: No

Instructions:

1. Upgrade pypickle to version 2.0.0 or later using pip: pip install --upgrade pypickle==2.0.0
2. Verify the installation with: pip show pypickle
3. Test that the Save function works correctly in your application.

🔧 Temporary Workarounds

Restrict local access (all platforms): Limit local user access to systems running vulnerable pypickle versions

Disable pypickle Save function (all platforms): Modify applications to avoid using the vulnerable Save function

🧯 If You Can't Patch

  • Implement strict access controls to limit which users can run applications using pypickle
  • Monitor file system activity for unauthorized modifications to pickle files

🔍 How to Verify

Check if Vulnerable:

Check pypickle version with: pip show pypickle | grep Version
If version is 1.1.5 or earlier, the system is vulnerable.

Check Version:

pip show pypickle | grep Version

Verify Fix Applied:

After upgrade, verify version is 2.0.0 or later with: pip show pypickle | grep Version

📡 Detection & Monitoring

Log Indicators:

  • Unauthorized file write attempts to pickle files
  • Errors in applications using pypickle Save function

Network Indicators:

  • None - local vulnerability only

SIEM Query:

Search for process execution of Python scripts using pypickle library with file write operations to .pkl files
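
An added example (not from this advisory or the pypickle project) covering the version check and the pickle-file monitoring described above: it flags releases below 2.0.0 and compares `.pkl` files against a baseline of SHA-256 hashes, also reporting group- or world-writable files. All function names are hypothetical, and the permission check assumes POSIX mode bits.

```python
import hashlib
import os
import re
import stat
from importlib import metadata

FIXED = (2, 0, 0)  # first fixed release according to this advisory

def is_vulnerable(version_text):
    """True if the numeric release part of the version is below 2.0.0."""
    m = re.match(r"\d+(?:\.\d+)*", version_text.strip())
    if not m:
        raise ValueError(f"unparseable version: {version_text!r}")
    parts = tuple(int(p) for p in m.group().split("."))
    return parts + (0,) * (3 - len(parts)) < FIXED

def installed_status(dist="pypickle"):
    """(version, vulnerable) for the installed package, or None if absent."""
    try:
        version = metadata.version(dist)
    except metadata.PackageNotFoundError:
        return None
    return version, is_vulnerable(version)

def snapshot(root):
    """Map every .pkl file under root to (sha256 hex digest, permission bits)."""
    snap = {}
    for dirpath, _, files in os.walk(root):
        for name in files:
            if name.endswith(".pkl"):
                path = os.path.join(dirpath, name)
                with open(path, "rb") as fh:
                    digest = hashlib.sha256(fh.read()).hexdigest()
                snap[path] = (digest, stat.S_IMODE(os.stat(path).st_mode))
    return snap

def diff_snapshots(baseline, current):
    """List (finding, path) pairs for changes since the baseline snapshot."""
    findings = []
    for path, (digest, mode) in sorted(current.items()):
        if path not in baseline:
            findings.append(("new", path))
        elif baseline[path][0] != digest:
            findings.append(("modified", path))
        if mode & (stat.S_IWGRP | stat.S_IWOTH):
            findings.append(("group/world-writable", path))
    findings += [("deleted", p) for p in sorted(set(baseline) - set(current))]
    return findings
```

Store the baseline from `snapshot()` somewhere the monitored account cannot write, then run `diff_snapshots()` on a schedule and forward any findings to your log pipeline.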
