CVE-2025-10279
Insecure Permissions in MLflow Virtualenv Allow Code Execution
Publication date: 2026-02-02
Last updated on: 2026-04-14
Assigner: huntr.dev
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| lfprojects | mlflow | to 3.4.0 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-379 | The product creates a temporary file in a directory whose permissions allow unintended actors to determine the file's existence or otherwise access that file. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
In mlflow version 2.20.3, the temporary directory used for creating Python virtual environments was assigned insecure world-writable permissions (0o777). This means anyone with write access to the /tmp directory could exploit a race condition to overwrite .py files in the virtual environment, potentially leading to arbitrary code execution. The issue was fixed by changing the permissions to 0o750, restricting write access and improving security. [1]
How can this vulnerability impact me? :
This vulnerability can allow an attacker with write access to the /tmp directory to execute arbitrary code by overwriting Python files in the virtual environment. This could lead to privilege escalation, unauthorized code execution, and compromise of the system or application running mlflow. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
You can detect this vulnerability by checking the permissions of the temporary directories created by mlflow for Python virtual environments. Specifically, look for directories with world-writable permissions (mode 0o777) in the /tmp directory or wherever mlflow creates its temporary directories. A command to find such directories is: `find /tmp -type d -perm 0777 -ls`. Additionally, verify if your mlflow version is 2.20.3, which is vulnerable. [1]
What immediate steps should I take to mitigate this vulnerability?
Immediately upgrade mlflow to version 3.4.0 or later, where the issue is fixed by changing the temporary directory permissions from 0o777 to 0o750, reducing unauthorized write access. As a temporary mitigation, you can manually change the permissions of the temporary directories used by mlflow to 750 using: `chmod 750 <tmp_dir>`. Also, ensure that the temporary directories are cleaned up after use to prevent lingering insecure directories. [1]
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
The provided resources do not explicitly discuss the impact of this vulnerability on compliance with common standards and regulations such as GDPR or HIPAA. However, since the vulnerability allows arbitrary code execution due to insecure permissions on temporary directories, it could potentially lead to unauthorized access or modification of sensitive data, which may affect compliance with data protection regulations. The fix reduces the risk by tightening permissions and cleaning up temporary directories, thereby improving security posture. [1]