CVE-2025-71323

Summary

picklescan before 0.0.33 fails to block the ctypes module, allowing attackers to achieve remote code execution by invoking direct syscalls and accessing raw memory. Attackers can craft malicious pickle files using ctypes.WinDLL to load kernel32.dll and execute arbitrary commands, bypassing sandbox protections and gadget chain detection.

Affected Software

VendorProductVersion RangeStatus
picklescanpicklescan0 < 0.0.33affected
picklescanpicklescan0.0.33unaffected

Weaknesses

  • CWE-184: Incomplete List of Disallowed Inputs

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: poc
    • Automatable: yes
    • Technical Impact: total

Additional References

References