### Critical Vulnerability Information - **Vulnerability Name**: Undocumented Remote Code Execution in PLY - **CVE ID**: CVE-2025-56005 - **Reporter**: Ahmed Abd - **Disclosure Date**: July 1, 2025 - **Affected Product**: PLY (Python Lex-Yacc) - **Affected Version**: 3.11 (PyPI distribution) - **Affected Component**: `ply/yacc.py` via `LRTable.read_pickle()` - **CVE Type**: CWE-502 (Deserialization of Untrusted Data) - **Key Impact**: Arbitrary code execution, execution during application startup, execution before parsing logic is reached ### Vulnerability Details - **Vulnerability Type**: Arbitrary Code Execution - **Attack Type**: Context-dependent - **Attack Vector**: Unsafe deserialization via attacker-controlled pickle file - **Impact**: Code execution ### Affected Functions - `ply.yacc.yacc(picklefile=...)` - `LRTable.read_pickle()` in `ply/yacc.py` ### Additional Information - The vulnerability’s stealthy nature and potential for persistence pose a high risk - The `picklefile` parameter is not documented in official documentation, yet version 3.11 of the PyPI distribution includes this feature without validation - Python’s `pickle` module executes embedded code during deserialization; malicious pickle files can execute arbitrary code before parsing logic is invoked ### Proof of Concept (PoC) - Define minimal lexer and parser - Construct malicious pickle payload - Execute system commands during deserialization ### Mitigation Measures - Avoid using the `picklefile` parameter with untrusted or externally writable files - Refrain from loading parse tables from user-controlled locations - Treat all pickle files as untrusted input - Prefer regenerating parse tables over loading them from disk