python-socketio Remote Code Execution Vulnerability via Malicious Pickle Deserialization

A remote code execution vulnerability has been identified in python-socketio versions 0.8.0 prior to 5.14.0. This vulnerability allows attackers to execute arbitrary Python code through malicious deserialization of pickle data in multi-server deployments. The issue arises when an attacker gains access to the message queue used for internal communications between servers. In deployments using a message queue backend like Redis, messages are serialized with the pickle module and automatically deserialized upon receipt, creating an opportunity for exploitation. The vulnerability is present only in environments with a compromised message queue, leaving single-server systems without a message queue and multi-server systems with a secure message queue unaffected.

Impact

Exploitation of this vulnerability allows for arbitrary code execution on the affected server, executed in the context and with the privileges of the Socket.IO server process.

Reproduction

To reproduce this vulnerability, deploy a multi-server application using python-socketio versions 0.8.0 through 5.14.0, with a message queue backend such as Redis. Once the application is running, gain access to the message queue and send a crafted pickle payload to one of the Socket.IO servers. The server will deserialize the payload using pickle, executing any embedded code.

Remediation

Upgrade to python-socketio version 5.14.0 or newer, and ensure that the message queue is not publicly accessible. For Redis, Kafka, or other supported backends, follow best practices for securing the message queue, including using authentication and encryption.