CVE-2026-7584
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Summary
The LabOne Q serialization framework uses a class-loading mechanism (import_cls) to dynamically import and instantiate Python classes during deserialization. Prior to the fix, this mechanism accepted arbitrary fully-qualified class names from the serialized data without any validation of the target class or restriction on which modules could be imported. An attacker can craft a serialized experiment file that causes the deserialization engine to import and instantiate arbitrary Python classes with attacker-controlled constructor arguments, resulting in arbitrary code execution in the context of the user running the Python process. Exploitation requires the victim to load a malicious file using LabOne Q's deserialization functions, for example a compromised experiment file shared for collaboration or support purposes.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Zurich Instruments | LabOne Q | 2.41.0 < 26.1.2 | affected |
| Zurich Instruments | LabOne Q | 26.4.0b1 <= 26.4.0b5 | affected |
Weaknesses
- CWE-502: CWE-502 Deserialization of Untrusted Data
Workarounds
Do not load untrusted experiment files: only deserialize experiment files (JSON, YAML) that originate from a trusted source. Treat serialized experiment files with the same caution as executable scripts.
Validate file provenance: when receiving experiment files from external parties (e.g. for support or collaboration), verify their origin before loading them.
Audit serialized files: before loading, inspect serialized experiment files and verify that only trusted classes are listed as deserializers.
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: total
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.