CVE-2025-24359
Published: 24 January 2025
Summary
CVE-2025-24359 is a high-severity Use of Externally-Controlled Format String (CWE-134) vulnerability in Pocoo (inferred from references). Its CVSS base score is 8.4 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Command and Scripting Interpreter: Python (T1059.006). The CVE ranks at the 9.6th percentile by exploit likelihood (below the median) and is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).
Deeper analysis
CVE-2025-24359 is a high-severity vulnerability (CVSS 8.4) in the ASTEVAL library, a Python expression and statement evaluator, affecting versions prior to 1.0.6. The issue stems from improper handling of FormattedValue AST nodes in the on_formattedvalue method, which invokes the str class's format method insecurely via fmt.format(__fstring__=val). This allows attackers controlling input to asteval to manipulate the format string, bypass the library's sandbox restrictions, and execute arbitrary Python code within the host application's context. It is associated with CWE-134 (Use of Externally-Controlled Format String) and CWE-749 (Exposed Dangerous Method or Function).
An attacker with the ability to supply input to an application using asteval can exploit this locally (AV:L) with low complexity (AC:L) and no privileges (PR:N), requiring no user interaction (UI:N). By crafting input that triggers an AttributeError exception during formatting, the attacker can catch the exception and access its obj attribute, enabling arbitrary read/write access to protected object properties and full code execution in the application's security context, with high impacts on confidentiality, integrity, and availability (C:H/I:H/A:H).
The GitHub security advisory (GHSA-3wwr-3g9f-9gc7) and affected code confirm that upgrading to version 1.0.6 resolves the issue by addressing the insecure format handling. Additional context on str.format risks is provided in a 2016 blog post by Armin Ronacher.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2025-0127
Vulnerability details
ASTEVAL is an evaluator of Python expressions and statements. Prior to version 1.0.6, if an attacker can control the input to the `asteval` library, they can bypass asteval's restrictions and execute arbitrary Python code in the context of the application using the library. The vulnerability is rooted in how `asteval` handles `FormattedValue` AST nodes. In particular, the `on_formattedvalue` method uses the dangerous `format` method of the `str` class. The code allows an attacker to manipulate the value of the string used in the dangerous call `fmt.format(__fstring__=val)`. This vulnerability can be exploited to access protected attributes by intentionally triggering an `AttributeError` exception. The attacker can then catch the exception and use its `obj` attribute to gain arbitrary access to sensitive or protected object properties. Version 1.0.6 fixes this issue.
Related Threats
MITRE ATT&CK Enterprise Techniques
Why these techniques?
The vulnerability enables arbitrary Python code execution by bypassing ASTEVAL sandbox restrictions via insecure format string handling, directly mapping to T1059.006.
Mitigating Controls (NIST 800-53 r5)
- SI-2 (Flaw Remediation): mandates timely remediation of flaws by patching ASTEVAL to version 1.0.6 or later, directly eliminating the insecure FormattedValue handling that enables arbitrary code execution.
- SI-10 (Information Input Validation): enforces validation of attacker-controlled inputs to the asteval library, blocking malicious format strings and FormattedValue AST nodes that bypass sandbox restrictions.
- Vulnerability scanning: identifies systems using vulnerable ASTEVAL versions prior to 1.0.6, enabling proactive remediation before exploitation.
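As an added defensive example (not part of this advisory and not asteval's own code), the following Python implements the two controls above for the mechanism described in the vulnerability details: an input-validation gate that parses candidate input with the standard-library `ast` module and rejects anything containing `JoinedStr` or `FormattedValue` nodes (the f-string constructs that reach the `str.format` call) before it is handed to the evaluator, and a version gate that checks an asteval version string against the 1.0.6 fix. The function names, the stdlib-only parse, and the sample inputs are assumptions of this example; it does not depend on asteval's internal API and runs without asteval installed.

```python
"""Defensive pre-checks for input destined for a restricted Python evaluator.

Added example for CVE-2025-24359; not asteval's own code.  Assumes the caller
owns the string before it reaches the evaluator and can refuse it.
"""
import ast
import re
from importlib.metadata import PackageNotFoundError, version
from typing import List, Optional, Tuple

# From the advisory: 1.0.6 is the first fixed release.
FIXED_VERSION = (1, 0, 6)

# Node types produced by f-string syntax.  Their presence means the input
# would exercise the evaluator's FormattedValue handling.
FSTRING_NODES = (ast.JoinedStr, ast.FormattedValue)


def find_fstring_nodes(source: str) -> List[int]:
    """Parse `source` with the stdlib parser and return the sorted, de-duplicated
    line numbers that contain f-string nodes.  Raises SyntaxError for input the
    parser rejects; callers should treat that as a rejection too."""
    tree = ast.parse(source, mode="exec")
    return sorted({node.lineno for node in ast.walk(tree)
                   if isinstance(node, FSTRING_NODES)})


def is_safe_to_evaluate(source: str) -> bool:
    """SI-10 gate: True only if the input parses and contains no f-string nodes.
    Unparsable input is rejected rather than passed through."""
    try:
        return not find_fstring_nodes(source)
    except SyntaxError:
        return False


def version_tuple(v: str) -> Tuple[int, ...]:
    """'1.0.6' -> (1, 0, 6); non-numeric suffixes such as 'rc1' are ignored so
    that a pre-release of 1.0.6 still compares as 1.0.6."""
    parts = []
    for part in v.split("."):
        m = re.match(r"\d+", part)
        parts.append(int(m.group()) if m else 0)
    return tuple(parts)


def asteval_version_is_patched(v: str) -> bool:
    """SI-2 check on a version string: True if v >= 1.0.6."""
    return version_tuple(v) >= FIXED_VERSION


def installed_asteval_is_patched() -> Optional[bool]:
    """Read the installed asteval version via importlib.metadata.
    Returns None when asteval is not installed (nothing to remediate)."""
    try:
        return asteval_version_is_patched(version("asteval"))
    except PackageNotFoundError:
        return None


if __name__ == "__main__":
    # Constructed sample inputs, labelled as such; not taken from any report.
    samples = [
        "x = 1 + 2",
        "y = f'value {x}'",
        "z = f'{x:>10}'",
        "def broken(",
    ]
    for src in samples:
        print(f"{src!r:25} safe={is_safe_to_evaluate(src)}")
    print("installed asteval patched:", installed_asteval_is_patched())
```

The gate is deliberately stricter than the advisory's fix: it refuses every f-string rather than trying to validate format specs, because the host application, not the evaluator, is the right place to decide whether formatted output is needed at all. Running the version check from a scanner or deployment pipeline covers the "vulnerability scanning" control without importing asteval itself.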