CyberSecurityBoard
Sponsor Register Login

Critical Apache Parquet RCE Vulnerability Lets Attackers Run Malicious Code

“The vulnerability can impact data pipelines and analytics systems that import Parquet files, particularly when those files come from external or untrusted sources,” warns Endor Labs in their security advisory. The vulnerability’s technical root cause involves insecure class loading during Avro schema parsing, allowing attackers to inject and execute malicious code when a specially crafted Parquet file is processed. “Despite the frightening potential, it’s important to note that the vulnerability can only be exploited if a malicious Parquet file is imported,” researchers said. Nevertheless, the critical nature of this vulnerability demands immediate attention from all organizations using Apache Parquet in their data infrastructure. Cyber Security News is a Dedicated News Platform For Cyber News, Cyber Attack News, Hacking News & Vulnerability Analysis. The vulnerability affects numerous big data environments, including Hadoop, Spark, and Flink implementations, as well as analytics systems on AWS, Google, and Azure cloud platforms. The flaw, identified as CVE-2025-30065, carries the highest possible CVSS score of 10.0 and allows attackers to execute arbitrary code by exploiting unsafe deserialization in the parquet-avro module. At the core of this vulnerability lies a critical flaw in schema parsing within the parquet-avro module.

This Cyber News was published on cybersecuritynews.com. Publication date: Fri, 04 Apr 2025 10:40:20 +0000


Cyber News related to Critical Apache Parquet RCE Vulnerability Lets Attackers Run Malicious Code

Max severity RCE flaw discovered in widely used Apache Parquet - A separate bulletin by Endor Labs highlights the risk of CVE-2025-30065 exploitation more clearly, warning that the flaw can impact any data pipelines and analytics systems that import Parquet files, with the risk being significant for files sourced ...
1 week ago Bleepingcomputer.com CVE-2025-30065
Critical Apache Parquet RCE Vulnerability Lets Attackers Run Malicious Code - “The vulnerability can impact data pipelines and analytics systems that import Parquet files, particularly when those files come from external or untrusted sources,” warns Endor Labs in their security advisory. The vulnerability’s ...
6 days ago Cybersecuritynews.com CVE-2025-30065
CVE-2021-41561 - Improper Input Validation vulnerability in Parquet-MR of Apache Parquet allows an attacker to DoS by malicious Parquet files. This issue affects Apache Parquet-MR version 1.9.0 and later versions. ...
3 years ago
Apache OFBiz RCE flaw exploited to find vulnerable Confluence servers - A critical Apache OFBiz pre-authentication remote code execution vulnerability is being actively exploited using public proof of concept exploits. Apache OFBiz is an open-source enterprise resource planning system many businesses use for e-commerce ...
1 year ago Bleepingcomputer.com CVE-2023-49070 CVE-2023-51467
20 Best Remote Monitoring Tools - 2025 - What is Good ?What Could Be Better ?Strong abilities to keep an eye on devices and systems.Some parts may take time to figure out.It gives you tools for remote control and troubleshooting.There could be more ways to change things.Lets you automate ...
1 week ago Cybersecuritynews.com
1,718,000+ Apache Struts 2 Installation Open to RCE Attacks - Threat actors target Apache Struts 2 due to vulnerabilities in its code that can be exploited for unauthorized access to web applications. Exploiting these vulnerabilities allows attackers to execute arbitrary code that could lead to full system ...
1 year ago Cybersecuritynews.com CVE-2023-50164
Hackers are exploiting critical Apache Struts flaw using public PoC - Hackers are attempting to leverage a recently fixed critical vulnerability in Apache Struts that leads to remote code execution, in attacks that rely on publicly available proof-of-concept exploit code. It appears that threat actors have just ...
1 year ago Bleepingcomputer.com CVE-2023-50164
Falcon Cloud Security Supports Google Cloud Run to Strengthen Serverless Application Security - We're thrilled to share that the CrowdStrike Falcon® sensor now fully supports Google Cloud Run, bringing advanced security capabilities to your serverless applications. While we announced this at Google Cloud Next in April 2024, this blog goes ...
9 months ago Crowdstrike.com
TellYouThePass ransomware joins Apache ActiveMQ RCE attacks - Internet-exposed Apache ActiveMQ servers are also targeted in TellYouThePass ransomware attacks targeting a critical remote code execution vulnerability previously exploited as a zero-day. The flaw, tracked as CVE-2023-46604, is a maximum severity ...
1 year ago Bleepingcomputer.com CVE-2023-46604
3,000 Apache ActiveMQ servers vulnerable to RCE attacks exposed online - Over three thousand internet-exposed Apache ActiveMQ servers are vulnerable to a recently disclosed critical remote code execution vulnerability. Apache ActiveMQ is a scalable open-source message broker that fosters communication between clients and ...
1 year ago Bleepingcomputer.com CVE-2023-46604 CVE-2023-4660
Juniper warns of critical RCE bug in its firewalls and switches - Juniper Networks has released security updates to fix a critical pre-auth remote code execution vulnerability in its SRX Series firewalls and EX Series switches. Found in the devices' J-Web configuration interfaces and tracked as CVE-2024-21591, this ...
1 year ago Bleepingcomputer.com CVE-2024-21591 CVE-2023-36844 CVE-2023-36845 CVE-2023-36846 CVE-2023-36847
Hackers target Apache RocketMQ servers vulnerable to RCE attacks - Security researchers are detecting hundreds of IP addresses on a daily basis that scan or attempt to exploit Apache RocketMQ services vulnerable to a remote command execution flaw identified as CVE-2023-33246 and CVE-2023-37582. Both vulnerabilities ...
1 year ago Bleepingcomputer.com CVE-2023-33246 CVE-2023-37582 Rocke
CVE-2024-52338 - Deserialization of untrusted data in IPC and Parquet readers in the Apache Arrow R package versions 4.0.0 through 16.1.0 allows arbitrary code execution. An application is vulnerable if it ...
4 months ago
CVE-2023-39913 - Deserialization of Untrusted Data, Improper Input Validation vulnerability in Apache UIMA Java SDK, Apache UIMA Java SDK, Apache UIMA Java SDK, Apache UIMA Java SDK.This issue affects Apache UIMA Java SDK: before 3.5.0. ...
1 month ago
A Critical Remote Code Execution(RCE) Vulnerability in Apache Struts2 Flaw Puts Your Web Apps at Risk - The web development world is constantly on guard against security threats, and a recent discovery in the popular Apache Struts2 framework serves as a stark reminder. This critical vulnerability, known as CVE-2023-50164, exposes a serious flaw that ...
1 year ago Securityboulevard.com CVE-2023-50164
Ivanti warns critical EPM bug lets hackers hijack enrolled devices - Ivanti fixed a critical remote code execution vulnerability in its Endpoint Management software that can let unauthenticated attackers hijack enrolled devices or the core server. Ivanti EPM helps manage client devices running a wide range of ...
1 year ago Bleepingcomputer.com CVE-2023-39366
Cisco Routers Exposed to Remote Code Execution (RCE) Attacks: How to Protect Your Network - Protecting networks from remote code execution (RCE) attacks is now more important than ever, as thousands of end-of-life Cisco routers are exposed to these vulnerabilities. On June 10, 2020 research revealed that over 19,000 Cisco devices were still ...
2 years ago Bleepingcomputer.com
Patch Now: Exploit Activity Mounts for Dangerous Apache Struts 2 Bug - Concerns are high over a critical, recently disclosed remote code execution vulnerability in Apache Struts 2 that attackers have been actively exploiting over the past few days. Apache Struts is a widely used open source framework for building Java ...
1 year ago Darkreading.com CVE-2023-50164
Atlassian warns of critical RCE flaw in older Confluence versions - Atlassian Confluence Data Center and Confluence Server are vulnerable to a critical remote code execution vulnerability that impacts versions released before December 5, 2023, including out-of-support releases. The flaw is tracked as CVE-2023-22527, ...
1 year ago Bleepingcomputer.com CVE-2023-22527
December Android updates fix critical zero-click RCE flaw - Google announced today that the December 2023 Android security updates tackle 85 vulnerabilities, including a critical severity zero-click remote code execution bug. Tracked as CVE-2023-40088, the zero-click RCE bug was found in Android's System ...
1 year ago Bleepingcomputer.com CVE-2023-40088
WordPress fixes POP chain exposing websites to RCE attacks - WordPress has released version 6.4.2 that addresses a remote code execution vulnerability that could be chained with another flaw to allow attackers run arbitrary PHP code on the target website. WordPress is a highly popular open-source content ...
1 year ago Bleepingcomputer.com
Fortinet warns of critical RCE bug in endpoint management software - Fortinet patched a critical vulnerability in its FortiClient Enterprise Management Server software that can allow attackers to gain remote code execution on vulnerable servers. FortiClient EMS enables admins to manage endpoints connected to an ...
1 year ago Bleepingcomputer.com CVE-2023-48788 CVE-2024-21762 Volt Typhoon
The Threat That Can't Be Ignored: CVE-2023-46604 in Apache ActiveMQ - There is another vulnerability that demands immediate attention, despite not receiving the level of recognition it truly deserves in the media. Apache ActiveMQ vulnerability, known as CVE-2023-46604, is a Remote Code Execution flaw rated at a ...
1 year ago Cybersecurity-insiders.com CVE-2023-46604 Andariel
Ivanti releases patches for 13 critical Avalanche RCE flaws - Ivanti has released security updates to fix 13 critical security vulnerabilities in the company's Avalanche enterprise mobile device management solution. Avalanche allows admins to manage over 100,000 mobile devices from a single, central location ...
1 year ago Bleepingcomputer.com CVE-2023-32560 CVE-2023-35078
CVE-2023-47248 - Deserialization of untrusted data in IPC and Parquet readers in PyArrow versions 0.14.0 to 14.0.0 allows arbitrary code execution. An application is vulnerable if it reads Arrow IPC, Feather or Parquet data from untrusted sources (for example ...
1 month ago

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)