Arbitrary Command Execution in NASA AIT-Core Product via Pickle Library
CVE-2024-35059
Currently unrated
What is CVE-2024-35059?
The Pickle Python library in NASA AIT-Core version 2.5.2 has a security flaw that enables attackers to execute arbitrary commands remotely. This vulnerability can be exploited via specially crafted inputs, allowing unauthorized command execution in the context of the running application. It is essential for users and administrators of AIT-Core to assess their systems and apply security measures to mitigate potential risks associated with this vulnerability.