Cyber Resilience

CVE-2025-46417

Severity: Medium · Public PoC available

Published: 24 April 2025
Modified: 01 October 2025
CVSS v4 score: 6.8 (vector: CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X)
EPSS score: 0.0033 (56.5th percentile)
Risk priority: 14 (weighted 60% EPSS, 20% KEV, 20% CVSS)

Summary

CVE-2025-46417 is a medium-severity Incomplete List of Disallowed Inputs (CWE-184) vulnerability in mmaitre314's Picklescan. Its CVSS v4 base score is 6.8 (Medium).

Operationally, exploitation aligns with the MITRE ATT&CK technique Python (T1059.006). The CVE ranks in the top 43.5% of CVEs by exploit likelihood (EPSS), is not currently listed in the CISA KEV catalog, and has a public proof-of-concept referenced.


Vulnerability details

The unsafe-globals list in Picklescan before 0.0.25 does not include the ssl module. Consequently, a pickle that references ssl.get_server_certificate is not flagged and can exfiltrate data via DNS after deserialization.
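As an added illustration (not code from this page or from the Picklescan project), the check below walks a pickle's opcode stream with pickletools.genops, without unpickling anything, and flags every GLOBAL or STACK_GLOBAL reference whose module is on a deny list. The two deny lists and the sample pickles are constructed stand-ins; they show how a bare reference to ssl.get_server_certificate passes a list that lacks ssl and is caught once ssl is added.

```python
from __future__ import annotations
import pickle
import pickletools

# Constructed stand-ins for Picklescan's unsafe-globals list (assumption: the real
# list is longer). The CVE-2025-46417 gap is that "ssl" was missing before 0.0.25.
UNSAFE_MODULES_PRE_0_0_25 = {"os", "subprocess", "builtins", "socket"}
UNSAFE_MODULES_PATCHED = UNSAFE_MODULES_PRE_0_0_25 | {"ssl"}

# Opcodes that push a str onto the pickle stack (feed STACK_GLOBAL in protocol 4+).
STRING_OPCODES = {"UNICODE", "BINUNICODE", "SHORT_BINUNICODE", "BINUNICODE8",
                  "STRING", "BINSTRING", "SHORT_BINSTRING"}

def find_global_refs(data: bytes) -> list[tuple[str, str]]:
    """List every (module, name) imported by GLOBAL or STACK_GLOBAL, statically."""
    refs: list[tuple[str, str]] = []
    strings: list[str] = []  # most recent string pushes, consumed by STACK_GLOBAL
    for op, arg, _pos in pickletools.genops(data):
        if op.name == "GLOBAL":
            module, name = arg.split(" ", 1)  # protocol 0-3: "module name"
            refs.append((module, name))
        elif op.name in STRING_OPCODES:
            strings.append(arg)
        elif op.name == "STACK_GLOBAL":
            # Protocol 4+: pops module and name strings pushed just before it.
            # Simplification: a full stack simulation would track memo ops too.
            if len(strings) >= 2:
                refs.append((strings[-2], strings[-1]))
    return refs

def flag_unsafe(data: bytes, unsafe_modules: set[str]) -> list[tuple[str, str]]:
    """Return only the references whose module is on the deny list."""
    return [ref for ref in find_global_refs(data) if ref[0] in unsafe_modules]

# Constructed samples: a bare reference to ssl.get_server_certificate in protocol 0
# (GLOBAL) and protocol 4 (STACK_GLOBAL). Neither sample calls anything.
SAMPLE_PROTO0 = b"cssl\nget_server_certificate\n."
SAMPLE_PROTO4 = (b"\x80\x04" b"\x8c\x03ssl\x94" b"\x8c\x16get_server_certificate\x94"
                 b"\x93\x94.")
BENIGN = pickle.dumps({"weights": [0.1, 0.2]}, protocol=4)  # no global references

if __name__ == "__main__":
    for label, blob in [("proto0", SAMPLE_PROTO0), ("proto4", SAMPLE_PROTO4), ("benign", BENIGN)]:
        print(label, "pre-0.0.25 list:", flag_unsafe(blob, UNSAFE_MODULES_PRE_0_0_25),
              "| patched list:", flag_unsafe(blob, UNSAFE_MODULES_PATCHED))
```

A reference alone is not a call; Picklescan-style tools flag it anyway because a later REDUCE opcode is all that separates the two, which is why the deny list must be complete.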


Related Threats

MITRE ATT&CK Enterprise Techniques (AI-assisted mapping)

T1059.006 Python (Execution): Adversaries may abuse Python commands and scripts for execution.
T1552.001 Credentials In Files (Credential Access): Adversaries may search local file systems and remote file shares for files containing insecurely stored credentials.
T1132.002 Non-Standard Encoding (Command and Control): Adversaries may encode data with a non-standard data encoding system to make the content of command and control traffic more difficult to detect.
T1048.003 Exfiltration Over Unencrypted Non-C2 Protocol (Exfiltration): Adversaries may steal data by exfiltrating it over an unencrypted network protocol other than that of the existing command and control channel.
Why these techniques?

The Picklescan gap lets a malicious pickle payload evade detection while executing Python code (T1059.006) to steal credentials from local files (T1081), apply non-standard encoding to make the data DNS-safe (T1132.002), and exfiltrate it via DNS using ssl.get_server_certificate over an unencrypted non-C2 protocol (T1048.003).

Affected Assets

mmaitre314 picklescan, versions ≤ 0.0.25

Mitigating Controls

Likely Mitigating Controls (AI-assisted mapping)

Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.

Addresses CWE-184: Spam filters rely on evolving blacklists, signatures, and heuristics of disallowed message patterns; keeping them updated per the control directly mitigates incomplete disallowed-input lists.
