Platform
python
Component
pandasai
Fixed in
2.4.1
2.4.3
CVE-2024-12366 describes a Remote Code Execution (RCE) vulnerability within pandasai, a Python library designed to enhance pandas with natural language processing capabilities. This flaw arises from insufficient security controls in the interactive prompt function, allowing attackers to inject malicious prompts and execute arbitrary Python code. Versions of pandasai up to and including 2.4.2 are affected; a fix is available in version 2.4.1.
The impact of CVE-2024-12366 is severe. An attacker can leverage prompt injection to bypass security measures and execute arbitrary Python code within the pandasai environment. This could lead to complete system compromise, allowing the attacker to steal sensitive data, install malware, or pivot to other connected systems. The ability to execute arbitrary code effectively grants the attacker full control over the affected system. This vulnerability shares similarities with other prompt injection attacks targeting large language model integrations, highlighting the importance of robust input validation and security controls.
CVE-2024-12366 was publicly disclosed on 2025-02-11. The CVSS score of 9.8 (CRITICAL) indicates a high probability of exploitation. Public proof-of-concept (PoC) code is likely to emerge given the ease of prompt injection exploitation. It is not currently listed on CISA KEV, but its critical severity warrants close monitoring. Active campaigns targeting pandasai are not yet confirmed, but the vulnerability's ease of exploitation makes it a potential target.
Exploit Status
EPSS
5.90% (91% percentile)
CVSS Vector
The primary mitigation for CVE-2024-12366 is to upgrade pandasai to version 2.4.1 or later. This version includes fixes to properly validate and sanitize user inputs, preventing malicious code execution. If upgrading is not immediately feasible, consider implementing strict input validation and sanitization on all prompts passed to pandasai. While not a complete solution, this can reduce the attack surface. Review and restrict the permissions granted to the pandasai process to limit the potential damage from a successful exploit. After upgrading, verify the fix by attempting to inject a simple, known malicious prompt and confirming that it is properly rejected.
Update the PandasAI library to a version later than 2.4.0 that fixes the code injection vulnerability. Refer to the release notes and security updates provided by Sinaptik AI for specific instructions on updating and additional mitigations.
Vulnerability analysis and critical alerts directly to your inbox.
CVE-2024-12366 is a critical Remote Code Execution vulnerability in pandasai versions up to 2.4.2. Attackers can inject malicious prompts to execute arbitrary Python code, potentially compromising the entire system.
If you are using pandasai version 2.4.2 or earlier, you are vulnerable to this RCE vulnerability. Carefully assess your environment and upgrade as soon as possible.
Upgrade pandasai to version 2.4.1 or later. This version includes the necessary security fixes to prevent prompt injection attacks. Implement input validation as a temporary workaround if immediate upgrade is not possible.
While no active campaigns have been confirmed, the vulnerability's critical severity and ease of exploitation suggest it is a potential target. Continuous monitoring is recommended.
Refer to the pandasai project's official security advisories and release notes for detailed information and updates regarding CVE-2024-12366. Check the pandasai GitHub repository and documentation.
Upload your dependency file and we'll tell you instantly if this and other CVEs hit you.
Upload your requirements.txt file and we'll tell you instantly if you're affected.