Platform
python
Component
hikariatama/hikka
Fixed in
1.6.3
CVE-2025-52571 describes a Remote Code Execution (RCE) vulnerability within Hikka, a Telegram userbot. This vulnerability allows an unauthenticated attacker to compromise a victim's Telegram account and gain full access to the server hosting the userbot. The vulnerability impacts versions of Hikka and its forks prior to 1.6.2, and a patch has been released in version 1.6.2.
The impact of this vulnerability is severe. An attacker can leverage it to completely take over a victim's Telegram account, potentially accessing sensitive information, sending messages as the victim, and performing actions on their behalf. Furthermore, the attacker gains full access to the server hosting the Hikka userbot, enabling them to execute arbitrary code, steal data, install malware, or pivot to other systems on the network. This represents a significant security risk, especially if the server hosts other sensitive applications or data.
This vulnerability was publicly disclosed on 2025-06-24. There are currently no known public exploits or active campaigns targeting CVE-2025-52571. The vulnerability's severity (CVSS 9.7) indicates a high probability of exploitation if left unpatched. It is not currently listed on the CISA KEV catalog.
Exploit Status
EPSS: 0.18% (40th percentile)
The primary mitigation for CVE-2025-52571 is to immediately upgrade Hikka to version 1.6.2 or later. Due to the nature of the RCE vulnerability, there are no known workarounds beyond upgrading. Ensure that automatic updates are enabled if possible to prevent future exploitation. After upgrading, verify the integrity of the installation by checking the version number and reviewing system logs for any suspicious activity.
Update Hikka to version 1.6.2 or higher. This version contains the security fix that prevents remote code execution. The update can be performed using the package manager used to install Hikka.
CVE-2025-52571 is a critical RCE vulnerability affecting Hikka Telegram userbot versions 1.6.2 and earlier, allowing attackers to gain control of accounts and servers.
You are affected if you are using Hikka version 1.6.2 or earlier. Upgrade to 1.6.2 immediately to mitigate the risk.
Upgrade Hikka to version 1.6.2 or later. There are no known workarounds besides upgrading.
Currently, there are no confirmed reports of active exploitation, but the high severity score suggests a potential for future attacks.
Refer to the official Hikka project repository or website for the latest security advisories and release notes.