Plattform
python
Komponente
smolagents
Behoben in
1.17.0
1.17.0
CVE-2025-5120 is a critical remote code execution (RCE) vulnerability discovered in huggingface/smolagents versions up to 1.9.2. This flaw allows attackers to bypass the intended sandbox environment and execute arbitrary code on the host system. The vulnerability resides within the localpythonexecutor.py module, where inadequate restrictions on Python code execution permit exploitation of whitelisted modules and functions. A patch is available in version 1.17.0.
The impact of CVE-2025-5120 is severe. Successful exploitation allows an attacker to execute arbitrary code within the context of the smolagents process, effectively gaining control of the host system. This could lead to data theft, system compromise, and potential lateral movement within the network. The vulnerability's ability to bypass the intended sandbox significantly expands the attack surface, as it circumvents security measures designed to isolate untrusted code. The lack of robust restrictions on whitelisted modules means attackers can leverage seemingly benign functions to achieve malicious goals. This is particularly concerning in environments where smolagents is used to process untrusted input or interact with sensitive data.
CVE-2025-5120 was publicly disclosed on 2025-07-27. The vulnerability's severity and ease of exploitation suggest a medium probability of exploitation (EPSS score pending). Public proof-of-concept (PoC) code is likely to emerge, increasing the risk of widespread exploitation. Monitor security advisories and threat intelligence feeds for updates on exploitation attempts and potential attack campaigns.
Organizations using smolagents for tasks involving untrusted input or integration with external systems are particularly at risk. Development environments and CI/CD pipelines that utilize smolagents are also vulnerable, as they may be exposed to malicious code during the build or testing process. Users relying on shared hosting environments where smolagents is deployed should be aware of the potential for cross-tenant exploitation.
• python / smolagents:
import os
import subprocess
# Check for vulnerable version
process = subprocess.Popen(['pip', 'show', 'smolagents'], stdout=subprocess.PIPE, stderr=subprocess.PIPE)
stdout, stderr = process.communicate()
if b'Version: 1.9.2' in stdout:
print('Vulnerable version detected!')
# Check for suspicious file modifications
with open('/path/to/smolagents/local_python_executor.py', 'r') as f:
content = f.read()
if 'os.system' in content:
print('Suspicious code detected in local_python_executor.py')disclosure
patch
Exploit-Status
EPSS
0.30% (53% Perzentil)
CISA SSVC
CVSS-Vektor
The primary mitigation for CVE-2025-5120 is to upgrade to version 1.17.0 or later of huggingface/smolagents. If upgrading is not immediately feasible, consider implementing temporary workarounds. Restrict access to the localpythonexecutor.py module and carefully review the whitelisted modules and functions to ensure they are not exploitable. Implement strict input validation and sanitization to prevent malicious code from being injected into the execution environment. Monitor system logs for suspicious activity related to Python processes and smolagents execution. After upgrading, confirm the fix by attempting to execute code through the localpythonexecutor.py module and verifying that the sandbox restrictions are properly enforced.
Actualice la biblioteca huggingface/smolagents a la versión 1.17.0 o superior. Esto solucionará la vulnerabilidad de escape de sandbox. Puede actualizar usando `pip install huggingface/smolagents==1.17.0` o un comando equivalente de su gestor de paquetes.
Schwachstellenanalysen und kritische Warnungen direkt in deinen Posteingang.
CVE-2025-5120 is a critical remote code execution vulnerability in huggingface/smolagents versions up to 1.9.2. It allows attackers to bypass the sandbox and execute arbitrary code on the host system.
You are affected if you are using huggingface/smolagents versions 1.14.0 through 1.9.2. Upgrade to version 1.17.0 or later to mitigate the risk.
The recommended fix is to upgrade to version 1.17.0 or later of huggingface/smolagents. If upgrading is not possible, implement temporary workarounds such as restricting access to the vulnerable module.
While active exploitation has not been confirmed, the vulnerability's severity and ease of exploitation suggest a medium probability of exploitation. Monitor security advisories for updates.
Refer to the official huggingface security advisory for detailed information and updates regarding CVE-2025-5120: [https://huggingface.co/security/CVE-2025-5120](https://huggingface.co/security/CVE-2025-5120)
Lade deine Abhängigkeitsdatei hoch und erfahre sofort, ob dich diese und andere CVEs treffen.
Lade deine requirements.txt-Datei hoch und wir sagen dir sofort, ob du betroffen bist.