<?xml version="1.0" encoding="utf-8" standalone="yes"?><rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/"><channel><title>Metabase - CraftedSignal Threat Feed</title><link>https://feed.craftedsignal.io/vendors/metabase/</link><description>Trending threats, MITRE ATT&amp;CK coverage, and detection metadata. Fed continuously.</description><generator>Hugo</generator><language>en</language><managingEditor>hello@craftedsignal.io</managingEditor><webMaster>hello@craftedsignal.io</webMaster><lastBuildDate>Wed, 03 Jan 2024 12:00:00 +0000</lastBuildDate><atom:link href="https://feed.craftedsignal.io/vendors/metabase/feed.xml" rel="self" type="application/rss+xml"/><item><title>Metabase Enterprise Remote Code Execution via Serialization Import</title><link>https://feed.craftedsignal.io/briefs/2024-01-metabase-rce/</link><pubDate>Wed, 03 Jan 2024 12:00:00 +0000</pubDate><author>hello@craftedsignal.io</author><guid isPermaLink="true">https://feed.craftedsignal.io/briefs/2024-01-metabase-rce/</guid><description>Authenticated administrators in vulnerable Metabase Enterprise editions can achieve Remote Code Execution (RCE) and Arbitrary File Read by injecting an `INIT` property into the H2 JDBC spec via a crafted serialization archive through the `POST /api/ee/serialization/import` endpoint.</description><content:encoded><![CDATA[<p>Metabase is a widely used open-source business intelligence and analytics tool. A critical vulnerability, CVE-2026-33725, affects Metabase Enterprise Edition versions prior to 1.54.22, 1.55.22, 1.56.22, 1.57.16, 1.58.10, and 1.59.4. This flaw allows authenticated administrators to execute arbitrary code and read arbitrary files. The vulnerability stems from the <code>POST /api/ee/serialization/import</code> endpoint, which can be exploited by injecting a malicious <code>INIT</code> property into the H2 JDBC specification within a crafted serialization archive. This injected property enables the execution of arbitrary SQL commands during a database synchronization process. The vulnerability has been confirmed to be exploitable on Metabase Cloud, highlighting the broad impact of this issue. Only Metabase Enterprise is affected, as the OSS version lacks the vulnerable code paths.</p>
<h2 id="attack-chain">Attack Chain</h2>
<ol>
<li>An attacker authenticates as an administrator to a vulnerable Metabase Enterprise instance.</li>
<li>The attacker crafts a malicious serialization archive containing an injected <code>INIT</code> property within the H2 JDBC spec.</li>
<li>The malicious archive is submitted to the <code>/api/ee/serialization/import</code> endpoint via a POST request.</li>
<li>Metabase processes the archive, triggering the H2 JDBC driver with the injected <code>INIT</code> property.</li>
<li>The <code>INIT</code> property executes arbitrary SQL commands during a database synchronization operation.</li>
<li>The attacker gains the ability to execute arbitrary code on the server hosting the Metabase instance.</li>
<li>The attacker leverages the code execution to read arbitrary files on the system.</li>
<li>The attacker may use this access to exfiltrate sensitive data, pivot to other systems, or disrupt services.</li>
</ol>
<h2 id="impact">Impact</h2>
<p>Successful exploitation of CVE-2026-33725 allows attackers to gain complete control over affected Metabase Enterprise instances, potentially leading to data breaches, service disruption, and lateral movement within the network. The vulnerability affects all versions of Metabase Enterprise that have serialization, dating back to at least version 1.47, before being patched in versions 1.54.22, 1.55.22, 1.56.22, 1.57.16, 1.58.10, and 1.59.4. Given the widespread use of Metabase for business intelligence, a successful attack can expose sensitive business data.</p>
<h2 id="recommendation">Recommendation</h2>
<ul>
<li>Upgrade Metabase Enterprise instances to versions 1.54.22, 1.55.22, 1.56.22, 1.57.16, 1.58.10, 1.59.4, or later to patch CVE-2026-33725.</li>
<li>As a temporary workaround, disable the serialization import endpoint in the Metabase instance, as recommended in the overview, to prevent access to the vulnerable code paths.</li>
<li>Deploy the Sigma rule &quot;Detect Metabase Enterprise Serialization Import Attempt&quot; to monitor for attempts to exploit the vulnerability via the <code>/api/ee/serialization/import</code> endpoint.</li>
</ul>
]]></content:encoded><category domain="severity">high</category><category domain="type">advisory</category><category>metabase</category><category>rce</category><category>serialization</category><category>cve-2026-33725</category></item></channel></rss>