CVE-2025-46817
Published 2025-10-03
Priority P267 · high · 8.8 CVSS 3.1
Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Exploit: EPSS 3.69% (88.3rd percentile)
Redis is an open source, in-memory database that persists on disk. Versions 8.2.1 and below allow an authenticated user to use a specially crafted Lua script to cause an integer overflow and potentially lead to remote code execution. The problem exists in all versions of Redis with Lua scripting. This issue is fixed in version 8.2.2.
## Affected (22 ranges)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | redict | < redict 7.3.6+ds-1 (forky) | redict 7.3.6+ds-1 (forky) |
| debian | redis | < redict 7.3.6+ds-1 (forky) | redict 7.3.6+ds-1 (forky) |
| debian | valkey | < redict 7.3.6+ds-1 (forky) | redict 7.3.6+ds-1 (forky) |
| lfprojects | valkey | >= 0 < 8.1.1+dfsg1-3+deb13u1 | 8.1.1+dfsg1-3+deb13u1 |
| lfprojects | valkey | >= 0 < 8.1.4+dfsg1-1 | 8.1.4+dfsg1-1 |
| lfprojects | valkey | >= 0 < 7.2.11+dfsg1-0ubuntu0.2 | 7.2.11+dfsg1-0ubuntu0.2 |
| lfprojects | valkey | >= 0 < 8.1.4+dfsg1-0ubuntu0.2 | 8.1.4+dfsg1-0ubuntu0.2 |
| msrc | azl3_ceph_18.2.2-11_on_azure_linux_3.0 | — | — |
| msrc | azl3_valkey_8.0.4-1_on_azure_linux_3.0 | — | — |
| msrc | cbl2_ceph_16.2.10-9_on_cbl_mariner_2.0 | — | — |
| msrc | cbl2_redis_6.2.18-3_on_cbl_mariner_2.0 | — | — |
| msrc | cbl2_redis_6.2.20-1_on_cbl_mariner_2.0 | — | — |
| redis | redis | < 8.2.2 | 8.2.2 |
| redis | redis | < 6.2.20 | 6.2.20 |
| redis | redis | >= 0 < 5:6.0.16-1+deb11u8 | 5:6.0.16-1+deb11u8 |
| redis | redis | >= 0 < 5:7.0.15-1~deb12u6 | 5:7.0.15-1~deb12u6 |
| redis | redis | >= 0 < 5:8.0.2-3+deb13u1 | 5:8.0.2-3+deb13u1 |
| redis | redis | >= 0 < 5:8.0.4-1 | 5:8.0.4-1 |
| redis | redis | >= 7.0 < 7.2.11 | 7.2.11 |
| redis | redis | >= 7.4.0 < 7.4.6 | 7.4.6 |
| redis | redis | >= 8.0.0 < 8.0.4 | 8.0.4 |
| redis | redis | >= 8.2.0 < 8.2.2 | 8.2.2 |
## Detection & IOCs (extracted from sources)
- Detect Redis instances running version 8.2.1 or below by extracting the redis_version field from the INFO server response.
- Monitor for EVAL or EVALSHA commands submitted by authenticated clients to Redis on port 6379, as these are the attack vectors for triggering the integer overflow via crafted Lua scripts.
- Use Shodan or network scanning to identify exposed Redis instances using the query: product:"redis"
- Probe for Lua scripting availability by sending a benign EVAL payload and checking for a 'lua enabled' response string to confirm the attack surface is present.
- Exploitation requires an authenticated client with permission to execute Lua scripts; unauthenticated network attackers cannot directly trigger this vulnerability.
- No public proof-of-concept or known in-the-wild exploits were available as of initial advisories, reducing immediate operational risk despite theoretical RCE impact.
- The Nuclei detection template checks two conditions: (1) Redis version <= 8.2.1 via INFO response, and (2) Lua scripting is enabled and responsive — both must be true for a positive detection.
- For Schneider Electric Plant iT/Brewmaxx environments, disabling EVAL commands in Redis on the application server, VisuHub, engineering workstations, and workstations with emergency mode functionality is a recommended mitigation.
## CVSS provenance
| Source | Score | Severity | Vector |
|---|---|---|---|
| nvd (v3.1) | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
| osv | 8.8 | HIGH | |
| vendor_debian | 7.0 | HIGH | |
| vendor_msrc | 7.0 | HIGH | |
| vendor_redhat | 7.0 | HIGH | |
| vendor_ubuntu | 7.0 | HIGH | |
## CISA ICS: Schneider Electric Plant iT/Brewmaxx
cisa_ics · 2026-03-24 · CVSS 7.0 · [HIGH] · ICS Advisory
Release Date: March 24, 2026
Alert Code: ICSA-26-083-03
Related topics: Industrial Control System Vulnerabilities, Industrial Control Systems
## Summary
Successful exploitation of these vulnerabilities could risk privilege escalation, which could result in remote code execution.
The following versions of Schneider Electric Plant iT/Brewmaxx are affected:
- Plant iT/Brewmaxx 9.60_and_above (CVE-2025-49844, CVE-2025-46817, CVE-2025-46818, CVE-2025-46819)
| CVSS | Vendor | Equipment | Vulnerabilities |
|---|---|---|---|
| v3 9.9 | Schneider Electric | Schneider Electric Plant iT/Brewmaxx | Use After Free, Integer Overflow or Wraparound, Improper Control of Generation of Code ('Code Injection') |
## Background
- Critical Infrast
## Ubuntu: Valkey vulnerabilities
vendor_ubuntu · 2025-11-26 · CVSS 7.0 · CVE-2025-46818 [HIGH]
Summary: Several security issues were fixed in Valkey.
Benny Isaacs, Nir Brakha, and Sagi Tzadik discovered that Valkey incorrectly
handled memory when running Lua scripts. An authenticated attacker could
use this vulnerability to trigger a use-after-free condition, and
potentially achieve remote code execution on the Valkey server.
(CVE-2025-49844)
It was discovered that Valkey incorrectly handled memory when running Lua
scripts. An authenticated attacker could use this vulnerability to trigger
an integer overflow condition, and potentially achieve remote code execution
on the Valkey server. (CVE-2025-46817)
It was discovered that Valkey incorrectly handled Lua objects. An
authenticated attacker could possibly use this issue to escalate their
privileges. (
## Microsoft: Lua library commands may lead to integer overflow and potential RCE
vendor_msrc · 2025-10-14 · CVSS 7.0 · CVE-2025-46817 [HIGH] · CWE-190
FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?
One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See this blog post for more information. If impact to additional products is identified, we will update the CVE to reflect this.
Mariner: Mariner
GitHub_M: GitHub_M
Customer Action Required: Yes
Remediation: CBL-Mariner Releases
Refere
## Red Hat: redis: Lua library commands may lead to integer overflow and potential RCE
vendor_redhat · 2025-10-03 · CVSS 7.0 · CVE-2025-46817 [HIGH] · CWE-190
An integer overflow present in the Redis Lua scripting engine that allows an authenticated client to submit a specially crafted Lua script (for example via EVAL/EVALSHA) that can trigger memory corruption and potentially lead to remote code execution within the Redis server process.
Statement: This is classified as Moderate because exploitation requires an authenticated client with pe
## Debian: CVE-2025-46817: redict - Redis is an open source, in-memory database that persists on disk. Versions 8.2....
vendor_debian · 2025 · CVSS 7.0 · CVE-2025-46817 [HIGH]
Scope: local
forky: resolved (fixed in 7.3.6+ds-1)
sid: resolved (fixed in 7.3.6+ds-1)
## OSV: valkey vulnerabilities
osv · 2025-11-26 · CVSS 8.8 · CVE-2025-49844 [HIGH]
Benny Isaacs, Nir Brakha, and Sagi Tzadik discovered that Valkey incorrectly
handled memory when running Lua scripts. An authenticated attacker could
use this vulnerability to trigger a use-after-free condition, and
potentially achieve remote code execution on the Valkey server.
(CVE-2025-49844)
It was discovered that Valkey incorrectly handled memory when running Lua
scripts. An authenticated attacker could use this vulnerability to trigger
an integer overflow condition, and potentially achieve remote code execution
on the Valkey server. (CVE-2025-46817)
It was discovered that Valkey incorrectly handled Lua objects. An
authenticated attacker could possibly use this issue to escalate their
privileges. (CVE-2025-46818)
It was discovered that Valkey incorrectly hand
## OSV: CVE-2025-46817: Redis is an open source, in-memory database that persists on disk
osv · 2025-10-03 · CVSS 8.8 · CVE-2025-46817 [HIGH]
No detection rules found.
## Nuclei: Redis < 8.2.1 lua script - Integer Overflow
nuclei · CVSS 8.8 · CVE-2025-46817 [HIGH]
Template:

```yaml
id: CVE-2025-46817

info:
  name: Redis < 8.2.1 lua script - Integer Overflow
  author: pussycat0x
  severity: critical
  description: |
    Redis is an open source, in-memory database that persists on disk. Versions 8.2.1 and below allow an authenticated user to use a specially crafted Lua script to cause an integer overflow and potentially lead to remote code execution The problem exists in all versions of Redis wi
```
## Bleepingcomputer: Microsoft October 2025 Patch Tuesday fixes 6 zero-days, 172 flaws
blogs_bleepingcomputer · 2025-10-14 · CVSS 7.8 · [HIGH]
By Lawrence Abrams
- 80 Elevation of Privilege Vulnerabilities
- 11 Security Feature Bypass Vulnerabilities
- 31 Remote Code Execution Vulnerabilities
- 28 Information Disclosure Vulnerabilities
- 11 Denial of Service Vulnerabilities
- 10 Spoofing Vulnerabilities
When BleepingComputer reports on the Patch Tuesday security updates, we only count those released today by Microsoft. Therefore, the number of flaws does not include those fixed in Azure, Mariner, Microsoft Edge, and other vulnerabilities earlier this month.
Notably, Windows 10 reaches the end of support today, with this being the last Patch Tuesday where Microsoft provides free security updates to the venerable operating system.
To continue receiving security upd
## Greynoiseio: NoiseLetter October 2025
blogs_greynoiseio
- CVE Disclosure Early Warning: Get an early warning when traffic spikes indicate a high likelihood of new disclosures
- Compromised Asset Detection: Find out immediately if an asset communicates with a malicious IP address
- Vulnerability Prioritization: Get real-time insight into active exploitation trends to better understand risk and severity
- SOC Efficiency: Filter out noisy, low priority and false-positive alerts from mass internet scanners
- Incident Investigation: Add context to incidents to speed the determinations of scope and timelines
- Threat Hunting: Quickly identify anomalous behavior and enrich your threat hunting campaigns
## Bugzilla: CVE-2025-46817 redis: Lua library commands may lead to integer overflow and potential RCE
bugzilla · 2025-10-03 · CVSS 8.8 · CVE-2025-46817 [HIGH]
Discussion:
This issue has been addressed in the following products:
Red Hat Enterprise Linux 9.4 Extended Update Support
Via RHSA-2025:18931 https://access.redhat.com/errata/RHSA-2025:18931
---
This issue has been addressed in the following products:
Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions
Via RHSA-2025:18997 https://access.redhat.com/errat
Published: 2025-10-03