PandasAI interactive prompt function Remote Code Execution (RCE)
翻译中…平台
python
组件
pandasai
修复版本
2.4.1
2.4.3
CVE-2024-12366 describes a Remote Code Execution (RCE) vulnerability within pandasai, a Python library designed to enhance pandas with natural language processing capabilities. This flaw arises from insufficient security controls in the interactive prompt function, allowing attackers to inject malicious prompts and execute arbitrary Python code. Versions of pandasai up to and including 2.4.2 are affected; a fix is available in version 2.4.1.
检测此 CVE 是否影响你的项目
上传你的 requirements.txt 文件,立即知道是否受影响。
影响与攻击场景翻译中…
The impact of CVE-2024-12366 is severe. An attacker can leverage prompt injection to bypass security measures and execute arbitrary Python code within the pandasai environment. This could lead to complete system compromise, allowing the attacker to steal sensitive data, install malware, or pivot to other connected systems. The ability to execute arbitrary code effectively grants the attacker full control over the affected system. This vulnerability shares similarities with other prompt injection attacks targeting large language model integrations, highlighting the importance of robust input validation and security controls.
利用背景翻译中…
CVE-2024-12366 was publicly disclosed on 2025-02-11. The CVSS score of 9.8 (CRITICAL) indicates a high probability of exploitation. Public proof-of-concept (PoC) code is likely to emerge given the ease of prompt injection exploitation. It is not currently listed on CISA KEV, but its critical severity warrants close monitoring. Active campaigns targeting pandasai are not yet confirmed, but the vulnerability's ease of exploitation makes it a potential target.
哪些人处于风险中翻译中…
Organizations and developers using pandasai in production environments, particularly those integrating it with sensitive data or critical systems, are at significant risk. Those relying on pandasai for automated data analysis or report generation are especially vulnerable, as they may not be actively monitoring prompts for malicious content. Users with limited security expertise or those who have not implemented robust input validation practices are also at higher risk.
检测步骤翻译中…
• python / supply-chain:
import pandas as pd
import pandasai
# Check pandasai version
print(pandasai.__version__)
# Attempt to detect malicious code execution by injecting a simple prompt
# (This is a simplified example and may require more sophisticated techniques)
# pandasai.with_chat_session().run('print("Malicious code executed")')• generic web: Check for unusual process activity related to pandasai. Monitor system logs for unexpected Python script executions. • generic web: Review pandasai configuration files for any suspicious modifications or injected code.
攻击时间线
- Disclosure
disclosure
威胁情报
漏洞利用状态
EPSS
5.90% (91% 百分位)
CVSS 向量
这些指标意味着什么?
- Attack Vector
- 网络 — 可通过互联网远程利用,无需物理或本地访问。攻击面最大。
- Attack Complexity
- 低 — 无需特殊条件,可以稳定地利用漏洞。
- Privileges Required
- 无 — 无需认证,无需凭证即可利用。
- User Interaction
- 无 — 攻击自动且无声,受害者无需任何操作。
- Scope
- 未改变 — 影响仅限于脆弱组件本身。
- Confidentiality
- 高 — 完全丧失机密性,攻击者可读取所有数据。
- Integrity
- 高 — 攻击者可写入、修改或删除任何数据。
- Availability
- 高 — 完全崩溃或资源耗尽,完全拒绝服务。
受影响的软件
弱点分类 (CWE)
时间线
- 已保留
- 发布日期
- EPSS 更新日期
缓解措施和替代方案翻译中…
The primary mitigation for CVE-2024-12366 is to upgrade pandasai to version 2.4.1 or later. This version includes fixes to properly validate and sanitize user inputs, preventing malicious code execution. If upgrading is not immediately feasible, consider implementing strict input validation and sanitization on all prompts passed to pandasai. While not a complete solution, this can reduce the attack surface. Review and restrict the permissions granted to the pandasai process to limit the potential damage from a successful exploit. After upgrading, verify the fix by attempting to inject a simple, known malicious prompt and confirming that it is properly rejected.
修复方法翻译中…
Actualice la biblioteca PandasAI a una versión posterior a la 2.4.0 que corrija la vulnerabilidad de inyección de código. Consulte las notas de la versión y las actualizaciones de seguridad proporcionadas por Sinaptik AI para obtener instrucciones específicas sobre la actualización y las mitigaciones adicionales.
CVE 安全通讯
漏洞分析和关键警报直接发送到您的邮箱。
常见问题翻译中…
What is CVE-2024-12366 — RCE in pandasai ≤2.4.2?
CVE-2024-12366 is a critical Remote Code Execution vulnerability in pandasai versions up to 2.4.2. Attackers can inject malicious prompts to execute arbitrary Python code, potentially compromising the entire system.
Am I affected by CVE-2024-12366 in pandasai ≤2.4.2?
If you are using pandasai version 2.4.2 or earlier, you are vulnerable to this RCE vulnerability. Carefully assess your environment and upgrade as soon as possible.
How do I fix CVE-2024-12366 in pandasai ≤2.4.2?
Upgrade pandasai to version 2.4.1 or later. This version includes the necessary security fixes to prevent prompt injection attacks. Implement input validation as a temporary workaround if immediate upgrade is not possible.
Is CVE-2024-12366 being actively exploited?
While no active campaigns have been confirmed, the vulnerability's critical severity and ease of exploitation suggest it is a potential target. Continuous monitoring is recommended.
Where can I find the official pandasai advisory for CVE-2024-12366?
Refer to the pandasai project's official security advisories and release notes for detailed information and updates regarding CVE-2024-12366. Check the pandasai GitHub repository and documentation.