CVE-2024-12215 is a critical vulnerability classified under CWE-94 (Improper Control of Generation of Code) affecting kedro-org/kedro, an open-source Python framework for creating reproducible, maintainable, and modular data science code. The vulnerability exists in version 0.19.8 within the pull_package() API function, which is designed to download and extract micro packages from external sources. The core issue lies in the project_wheel_metadata() function, which processes the downloaded tarball and executes the setup.py script contained within it without sufficient validation or sandboxing. This execution of arbitrary Python code embedded in setup.py leads to remote code execution (RCE) on the host system. The attack vector is network-based (AV:N), requires no privileges (PR:N), but does require user interaction (UI:R), such as invoking the vulnerable API with a malicious package URL. The vulnerability impacts confidentiality, integrity, and availability, as an attacker can run arbitrary commands, potentially leading to data theft, system compromise, or denial of service. No patches or mitigations are currently linked, and no known exploits have been reported in the wild, but the high CVSS score (8.8) indicates a serious threat. This vulnerability is particularly dangerous in environments where Kedro is used to automate data workflows that pull external packages, as it can be exploited by supplying a crafted package containing malicious setup.py code.

For European organizations, the impact of CVE-2024-12215 can be substantial, especially for those relying on Kedro for data science, machine learning pipelines, or ETL processes. Successful exploitation can lead to full system compromise, allowing attackers to execute arbitrary code, steal sensitive data, manipulate datasets, or disrupt critical workflows. This can affect confidentiality by exposing proprietary data or intellectual property, integrity by altering data processing pipelines, and availability by causing system outages or denial of service. Organizations in sectors such as finance, healthcare, manufacturing, and research that use Kedro in production environments are at higher risk. Additionally, the vulnerability could be leveraged as a foothold for lateral movement within networks. The lack of authentication requirements and the network-based attack vector increase the risk of exploitation from remote attackers, including supply chain attackers who might inject malicious packages. Given the growing adoption of data science tools in Europe, the threat could have wide-reaching consequences if not addressed promptly.

To mitigate CVE-2024-12215, European organizations should immediately audit their use of Kedro, especially version 0.19.8 or earlier, and restrict or disable the pull_package() API function if possible. Until an official patch is released, organizations should implement strict validation and whitelisting of package sources to prevent downloading untrusted or malicious packages. Running Kedro processes with least privilege and within isolated environments or containers can limit the impact of potential exploitation. Monitoring network traffic and API calls for unusual package download activity can help detect exploitation attempts. Organizations should also educate developers and data scientists about the risks of executing code from untrusted sources and enforce policies to avoid automatic execution of setup.py scripts from external packages. Regularly checking for updates from the Kedro project and applying security patches as soon as they become available is critical. Additionally, integrating runtime application self-protection (RASP) or endpoint detection and response (EDR) solutions can help detect and block suspicious behavior related to this vulnerability.