CVE-2025-15453
Deserialization Vulnerability in Milvus HTTP Endpoint Enables Remote Exploit

Publication date: 2026-01-05

Last updated on: 2026-04-29

Assigner: VulDB

Description
A security vulnerability has been detected in milvus up to 2.6.7. This vulnerability affects the function expr.Exec of the file pkg/util/expr/expr.go of the component HTTP Endpoint. The manipulation of the argument code leads to deserialization. Remote exploitation is possible. The exploit has been disclosed publicly and may be used. A fix is planned for the next release, 2.6.8.
Meta Information
Published: 2026-01-05
Last Modified: 2026-04-29
Generated: 2026-06-16
AI Q&A: 2026-01-05
EPSS Evaluated: 2026-06-15
Affected Vendors & Products
Vendor: milvus
Product: milvus
Version / Range: versions before 2.6.8 (2.6.8 excluded)
CWE ID and Description
CWE-502: The product deserializes untrusted data without sufficiently ensuring that the resulting data will be valid.
CWE-20: The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
Executive Summary

CVE-2025-15453 is a critical security vulnerability in Milvus versions up to 2.6.7, specifically in the function expr.Exec within the HTTP Endpoint component. It arises from improper handling of the 'code' argument, which allows an attacker to manipulate input, leading to unsafe deserialization and remote expression execution. In practice, an attacker who can reach the internal /expr HTTP endpoint and knows or guesses its weak authentication token can execute arbitrary code on the server remotely. The vulnerability exposes powerful configuration APIs and internal state, enabling information disclosure, configuration manipulation, denial of service, and potentially further escalation. A fix is planned for version 2.6.8. [1, 2, 3]

Impact Analysis

This vulnerability can impact you by allowing remote attackers to execute arbitrary code on your Milvus server, leading to compromise of confidentiality, integrity, and availability. Attackers can disclose sensitive information by reading configuration or internal state, manipulate runtime configuration settings, cause denial of service by running resource-intensive expressions, and potentially escalate privileges or access further system resources. The weak authentication mechanism and exposure of the internal HTTP endpoint increase the risk of exploitation. [1, 2, 3]

Detection Guidance

This vulnerability can be detected by checking whether the internal HTTP endpoint `/expr` is present and reachable on Milvus servers, which typically listen on port 9091. Send a request to this endpoint to see whether it responds and whether the weak default authentication token (`by-dev`, the default `etcd.rootPath` value) is accepted. For example, a curl command that queries or modifies configuration via `/expr` shows whether the system is vulnerable: `curl -X POST http://<milvus-server>:9091/expr -d '{"code":"some_expression","auth":"by-dev"}'` tests whether the endpoint executes expressions with the default weak token. Network scanning tools can also detect an open port 9091 and the presence of the `/expr` endpoint. [2]

Mitigation Strategies

Immediate mitigation steps include:
1) Disable the `/expr` endpoint by default or remove it from production builds to prevent remote expression execution.
2) Restrict access to the internal HTTP server by binding it to localhost or enforcing firewall/security group rules that block external access to port 9091.
3) Replace the weak authentication mechanism: stop using the low-entropy `etcd.rootPath` as a secret and use a dedicated high-entropy token or mTLS/RBAC instead.
4) Minimize the environment exposed to expressions by removing or restricting access to powerful configuration APIs such as `paramtable.Get()`.
5) Apply timeouts, rate limiting, and execution constraints to expression evaluation to reduce the risk of DoS.
6) Avoid logging raw expression code to prevent leakage of sensitive information.
Until the patch in Milvus 2.6.8 is released, consider using alternative products or applying these mitigations. [2, 1]
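As an added example (not from this page or the Milvus project), the following audit checks a loaded milvus.yaml for the two exposure factors named in steps 2 and 3: a low-entropy `etcd.rootPath` reused as the `/expr` token, and an internal HTTP server bound beyond loopback. `etcd.rootPath` is a real milvus.yaml key; the `internalHttp.bindAddress`/`internalHttp.port` keys, the 64-bit entropy threshold and the sample configs are assumptions constructed for this example.

```python
import math

# Shipped default for etcd.rootPath; until 2.6.8 the /expr endpoint reuses it as its token.
DEFAULT_ROOT_PATH = "by-dev"
MIN_TOKEN_BITS = 64  # assumed policy threshold for an acceptable secret
LOOPBACK = {"127.0.0.1", "localhost", "::1"}


def shannon_bits(s: str) -> float:
    """Total Shannon entropy of a string in bits (per-character entropy times length)."""
    if not s:
        return 0.0
    counts = {c: s.count(c) for c in set(s)}
    per_char = -sum(n / len(s) * math.log2(n / len(s)) for n in counts.values())
    return per_char * len(s)


def audit_milvus_config(cfg: dict) -> list:
    """Return findings for CVE-2025-15453 exposure.

    cfg is the dict yaml.safe_load would return for milvus.yaml. Only etcd.rootPath
    is a documented Milvus key; 'internalHttp' and its sub-keys are assumed here.
    """
    findings = []
    root_path = str(cfg.get("etcd", {}).get("rootPath", ""))
    if root_path == DEFAULT_ROOT_PATH:
        findings.append("etcd.rootPath is the shipped default 'by-dev': /expr accepts a publicly known token")
    elif shannon_bits(root_path) < MIN_TOKEN_BITS:
        findings.append(f"etcd.rootPath has ~{shannon_bits(root_path):.0f} bits of entropy and is reused as the /expr token")
    http = cfg.get("internalHttp", {})
    bind = str(http.get("bindAddress", "0.0.0.0"))  # assumed default: all interfaces
    if bind not in LOOPBACK:
        findings.append(f"internal HTTP server (port {http.get('port', 9091)}) binds to {bind}: /expr is reachable remotely")
    return findings


# Constructed sample configs, not taken from any real deployment.
UNSAFE_CFG = {"etcd": {"rootPath": "by-dev"},
              "internalHttp": {"bindAddress": "0.0.0.0", "port": 9091}}
HARDENED_CFG = {"etcd": {"rootPath": "3f9c1e7ab254d8e0c6b1f4a9d2e7c5b8"},
                "internalHttp": {"bindAddress": "127.0.0.1", "port": 9091}}

if __name__ == "__main__":
    for name, cfg in (("unsafe", UNSAFE_CFG), ("hardened", HARDENED_CFG)):
        print(name, audit_milvus_config(cfg) or ["no findings"])
```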

Compliance Impact

The vulnerability allows remote attackers to execute arbitrary code, cause information disclosure, and manipulate system configurations, which can compromise the confidentiality, integrity, and availability of data. Such impacts can lead to violations of data protection standards and regulations like GDPR and HIPAA that require safeguarding sensitive data and ensuring system security. Therefore, exploitation of this vulnerability could result in non-compliance with these regulations due to potential unauthorized access and data breaches. [1, 2, 3]
