Executive Summary

[{'type': 'paragraph', 'content': 'CVE-2025-70559 is a high-severity local privilege escalation vulnerability in the Python library pdfminer.six, specifically in its CMap loading mechanism.'}, {'type': 'paragraph', 'content': "The vulnerability arises because pdfminer.six uses Python's pickle module to deserialize CMap cache files without validating the data. This insecure deserialization allows an attacker who can place a malicious pickle file in a directory included in the CMap search path (CMAP_PATH) to execute arbitrary code."}, {'type': 'paragraph', 'content': 'If a low-privileged user can write a malicious pickle file to such a directory, when a privileged process (such as one running as root) loads this file, the malicious code executes with the privileges of that process, enabling privilege escalation.'}, {'type': 'paragraph', 'content': 'This vulnerability persists despite a previous patch for a related issue (CVE-2025-64512) because the unsafe use of pickle remains in the code.'}] [1, 2]

Useful 0 Not Useful 0

Impact Analysis

This vulnerability can have severe impacts if exploited.

• An attacker with local write access to a directory in the CMap search path can place a malicious pickle file.
• When a privileged process loads this malicious file, arbitrary code executes with the privileges of that process, potentially root or other service accounts.
• This leads to full code execution, enabling privilege escalation, persistence on the system, and lateral movement within the environment.
• The attacker can thus gain unauthorized control over the system, compromising confidentiality, integrity, and availability.

Useful 0 Not Useful 0

Detection Guidance

This vulnerability can be detected by checking if the environment variable CMAP_PATH used by pdfminer.six includes any directories writable by low-privileged users. An attacker can place malicious pickle files in such writable directories.

To detect potential exploitation or presence of malicious pickle files, you can look for suspicious .pickle.gz files in writable directories included in CMAP_PATH, such as /tmp/uploads.

• Check the CMAP_PATH environment variable to identify directories used for CMap loading.
• List files in writable directories within CMAP_PATH, for example: ls -l /tmp/uploads/*.pickle.gz
• Check for unexpected files created by exploits, such as /root/pwnedByPdfminer, which is a proof-of-concept indicator.
• Monitor processes running pdfminer.six for loading of pickle files from writable directories.

Useful 0 Not Useful 0

Mitigation Strategies

Immediate mitigation steps include removing or restricting write access to any directories included in the CMAP_PATH environment variable to prevent low-privileged users from placing malicious pickle files.

Avoid using or loading pickle files for CMap data in pdfminer.six until a secure patch is available.

If possible, remove the dependency on pickle files or replace the unsafe deserialization mechanism with a secure, auditable data handling approach.

• Restrict permissions on directories in CMAP_PATH to prevent write access by untrusted users.
• Audit and monitor for suspicious pickle files in those directories.
• Update pdfminer.six to a version that addresses this vulnerability once available.

Useful 0 Not Useful 0

Compliance Impact

The provided information does not explicitly address the impact of this vulnerability on compliance with common standards and regulations such as GDPR or HIPAA.

Useful 0 Not Useful 0