CVE-2026-7584

Summary

The LabOne Q serialization framework uses a class-loading mechanism (import_cls) to dynamically import and instantiate Python classes during deserialization. Prior to the fix, this mechanism accepted arbitrary fully-qualified class names from the serialized data without any validation of the target class or restriction on which modules could be imported. An attacker can craft a serialized experiment file that causes the deserialization engine to import and instantiate arbitrary Python classes with attacker-controlled constructor arguments, resulting in arbitrary code execution in the context of the user running the Python process. Exploitation requires the victim to load a malicious file using LabOne Q's deserialization functions, for example a compromised experiment file shared for collaboration or support purposes.

Affected Software

VendorProductVersion RangeStatus
Zurich InstrumentsLabOne Q2.41.0 < 26.1.2affected
Zurich InstrumentsLabOne Q26.4.0b1 <= 26.4.0b5affected

Weaknesses

  • CWE-502: CWE-502 Deserialization of Untrusted Data

Workarounds

Do not load untrusted experiment files: only deserialize experiment files (JSON, YAML) that originate from a trusted source. Treat serialized experiment files with the same caution as executable scripts.

Validate file provenance: when receiving experiment files from external parties (e.g. for support or collaboration), verify their origin before loading them.

Audit serialized files: before loading, inspect serialized experiment files and verify that only trusted classes are listed as deserializers.

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References