CVE-2024-25723
Description
ZenML Server in the ZenML machine learning package before 0.46.7 for Python allows remote privilege escalation because the /api/v1/users/{user_name_or_id}/activate REST API endpoint allows access on the basis of a valid username along with a new password in the request body. These are also patched versions: 0.44.4, 0.43.1, and 0.42.2.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
ZenML Server before 0.46.7 allows remote privilege escalation via the /api/v1/users/{user_name_or_id}/activate endpoint using a valid username and a new password.
Vulnerability
Overview
The ZenML machine learning package for Python contains a privilege escalation vulnerability in its server component. The issue resides in the /api/v1/users/{user_name_or_id}/activate REST API endpoint, which allows an attacker to reset the password for any existing user by simply providing a valid username and a new password in the request body [1][2][4]. This design flaw bypasses any authentication or authorization checks, enabling unauthorized account takeover.
Exploitation and
Attack Surface
Exploitation requires only knowledge of a valid username within the ZenML deployment. An attacker can send a crafted HTTP POST request to the activate endpoint with the target username and a password of their choice. The endpoint processes the request without verifying the requester's identity, effectively allowing anyone to assume control of any user's account [1][4]. No prior authentication or session is needed, making the attack remotely exploitable.
Impact
Successful exploitation grants the attacker full control over the compromised ZenML account, including access to any ML pipelines, models, data, and infrastructure configurations managed by that user. This can lead to data exfiltration, model poisoning, or disruption of production ML workflows. The vulnerability is especially critical for organizations using ZenML in shared or multi-tenant environments.
Mitigation
Status
The vulnerability is confirmed to affect all ZenML versions prior to 0.46.7, with the exception of patched versions 0.44.4, 0.43.1, and 0.42.2 [1][3][4]. Users are strongly advised to upgrade to version 0.46.7 or one of the patched releases immediately. ZenML Cloud users do not require action as the platform has already been updated [4].
AI Insight generated on May 20, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
zenmlPyPI | < 0.42.2 | 0.42.2 |
zenmlPyPI | >= 0.43.0, < 0.43.1 | 0.43.1 |
zenmlPyPI | >= 0.45.0, < 0.46.7 | 0.46.7 |
zenmlPyPI | >= 0.44.0, < 0.44.4 | 0.44.4 |
Affected products
2- ZenML/ZenML Serverdescription
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
6- github.com/advisories/GHSA-vf7j-cmrj-pmmmghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2024-25723ghsaADVISORY
- github.com/zenml-io/zenml/compare/0.42.1...0.42.2ghsaWEB
- github.com/zenml-io/zenml/compare/0.43.0...0.43.1ghsaWEB
- github.com/zenml-io/zenml/compare/0.44.3...0.44.4ghsaWEB
- www.zenml.io/blog/critical-security-update-for-zenml-usersghsaWEB
News mentions
0No linked articles in our index yet.