CVE-2022-34982

Vulnerability

The eziod package available on PyPI before version v0.0.1 contained a malicious code execution backdoor inserted by a third party. The backdoor was embedded within the package's source code and executed automatically upon installation, without requiring any special configuration or conditions [1].

Exploitation

An attacker with no prior access or authentication could exploit this backdoor simply by convincing a target to install the compromised eziod package via pip. No user interaction beyond the installation step is required; the malicious code runs automatically during the package installation process [1].

Impact

Successful exploitation leads to arbitrary code execution on the system where the package is installed. This gives the attacker full control over the affected system, enabling data theft, further compromise, or use of the system for malicious purposes [1].

Mitigation

The PyPI package eziod was removed after the disclosure, and the secure version is v0.0.1. Users should immediately upgrade to v0.0.1 or later if they have installed any prior version. There is no workaround other than removing the compromised version and upgrading [1].