- Redis patches CVE-2025-49844, a critical flaw that allows remote code execution by abusing Lua scripting
- The vulnerability had existed for 13 years; it affects versions 8.2.1 and below and is fixed in 8.2.2
- More than 60,000 exposed instances have no authentication at all; urgent updates and ACL restrictions are recommended
Redis, a popular open source in-memory data store, had a critical vulnerability that allowed threat actors to execute malicious code remotely. It has been fixed in a new version, which users are now urged to install.
Redis, short for Remote Dictionary Server, is an open source in-memory data store used as a database, cache and message broker for fast data access and real-time applications, and it is deployed across a wide range of cloud environments.
A security advisory said that a use-after-free vulnerability was introduced into the Redis source code 13 years ago. An authenticated attacker can craft a malicious Lua script that triggers it, escapes the Lua sandbox and gains a reverse shell and remote code execution on the host. That in turn enables all kinds of malicious activity, from credential theft to malware infections, cryptojacking, data leaks and more.
Thousands of vulnerable instances
The flaw is tracked as CVE-2025-49844 and was given a severity score of 9.9/10 (critical). It was found in versions 8.2.1 and below and is patched in version 8.2.2.
Those who cannot update to the latest version in time should prevent users from running Lua scripts, which can be done with ACLs that restrict the EVAL and EVALSHA commands. Because the bug needs a script to be executed, a user who cannot reach those commands cannot trigger it.
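To make the ACL workaround concrete, here is an added example (not code from Redis, Wiz or BleepingComputer) that audits the user lines of a Redis users.acl file offline and reports which users can still reach the Lua entry points, which of them need no password at all, and what the hardened line or the equivalent live ACL SETUSER command looks like. It assumes a deliberately reduced model of Redis ACL evaluation (rules apply left to right and a later rule overrides an earlier one, +@all and -@all grant or revoke every command, +cmd|sub rules are collapsed to the parent command) and a partial category table that only needs to be right about scripting; the users.acl text inside it is constructed sample data, not a real deployment.

```python
"""Offline audit of Redis ACL user lines for Lua-script exposure.

Added example for this article, not code from Redis, Wiz or BleepingComputer.
Assumptions: a reduced model of Redis ACL evaluation (left to right, later
rule wins, +@all/-@all grant or revoke everything, "+cmd|sub" collapsed to the
parent command) and a partial category table. Sample ACL text is constructed.
"""
from dataclasses import dataclass, field

# Partial category membership (assumption; Redis's real table is far larger).
CATEGORIES = {
    "scripting": {"eval", "evalsha", "eval_ro", "evalsha_ro", "script",
                  "fcall", "fcall_ro", "function"},
    "read": {"get", "mget", "exists", "hget"},
}
CATEGORIES["all"] = set().union(*CATEGORIES.values()) | {"set", "ping", "auth"}

# The article names EVAL and EVALSHA; the _RO variants and FCALL/FCALL_RO
# (Redis 7.0+) also feed code to the Lua engine, so they count here (assumption).
LUA_ENTRY_POINTS = {"eval", "evalsha", "eval_ro", "evalsha_ro", "fcall", "fcall_ro"}


@dataclass
class UserAudit:
    name: str
    enabled: bool = False
    nopass: bool = False
    allowed: set = field(default_factory=set)

    @property
    def lua_allowed(self) -> bool:
        return bool(self.allowed & LUA_ENTRY_POINTS)

    @property
    def risk(self) -> str:
        # critical: anyone who can reach the port can run Lua; high: needs a password
        if not self.enabled or not self.lua_allowed:
            return "ok"
        return "critical" if self.nopass else "high"


def parse_user_line(line: str) -> UserAudit:
    tokens = line.split()
    if len(tokens) < 2 or tokens[0] != "user":
        raise ValueError(f"not an ACL user line: {line!r}")
    audit = UserAudit(tokens[1])
    for rule in tokens[2:]:
        low = rule.lower()
        if low == "on":
            audit.enabled = True
        elif low == "off":
            audit.enabled = False
        elif low == "nopass":
            audit.nopass = True
        elif low.startswith((">", "#")) or low == "resetpass":
            audit.nopass = False          # a password (or password hash) is set
        elif low in ("allcommands", "+@all"):
            audit.allowed = set(CATEGORIES["all"])
        elif low in ("nocommands", "-@all"):
            audit.allowed = set()
        elif low.startswith("+@"):
            audit.allowed |= CATEGORIES.get(low[2:], set())
        elif low.startswith("-@"):
            audit.allowed -= CATEGORIES.get(low[2:], set())
        elif low.startswith("+"):
            audit.allowed.add(low[1:].split("|")[0])
        elif low.startswith("-"):
            audit.allowed.discard(low[1:].split("|")[0])
        # key (~), channel (&) and selector rules do not change command access
    return audit


def audit_acl(text: str) -> list:
    """Parse every 'user ...' line of a users.acl file, skipping comments."""
    return [parse_user_line(l) for l in text.splitlines()
            if l.strip() and not l.lstrip().startswith("#")]


def hardened_line(line: str) -> str:
    """Append -@scripting: later rules win, so it revokes Lua whatever +@all or +eval granted."""
    return line if not parse_user_line(line).lua_allowed else line.rstrip() + " -@scripting"


def setuser_commands(audits: list) -> list:
    """Equivalent live fix via redis-cli: ACL SETUSER per exposed user, then ACL SAVE."""
    cmds = [f"ACL SETUSER {a.name} -@scripting" for a in audits if a.risk != "ok"]
    return cmds + ["ACL SAVE"] if cmds else []


# Constructed sample users.acl; the first line is the stock password-less
# "default" user, the configuration behind the article's 60,000 exposed instances.
SAMPLE_USERS_ACL = """\
# constructed sample, not from a real deployment
user default on nopass ~* &* +@all
user app on >s3cret-app ~app:* &* +@all -@scripting
user admin on >s3cret-admin ~* &* +@all
user reporter on >s3cret-rep ~* +@read +eval
user legacy on >s3cret-old ~* +@all -@scripting +evalsha
user retired off >s3cret-gone ~* +@all
"""

if __name__ == "__main__":
    audits = audit_acl(SAMPLE_USERS_ACL)
    for a in audits:
        print(f"{a.name:9} enabled={a.enabled!s:5} nopass={a.nopass!s:5} "
              f"lua={a.lua_allowed!s:5} risk={a.risk}")
    print("\n".join(setuser_commands(audits)))
```

Two points the one-line advice leaves implicit show up in the sample: ACL rules are positional, so a +evalsha placed after -@scripting (user legacy) re-opens the hole, and the stock default user with nopass is exactly the unauthenticated exposure the 60,000 figure counts, so for that user the ACL restriction is the only barrier until the server is patched. The example revokes -@scripting rather than the article's narrower -eval -evalsha because FCALL and the _RO variants also execute Lua; use the narrower rule only after confirming no workload depends on those commands. Subcommand rules such as +config|get are deliberately over-reported as granting the whole command.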
Citing Wiz security researchers, BleepingComputer also says there are about 330,000 Redis instances exposed online, with at least 60,000 of them vulnerable because they require no authentication at all.
The real number of vulnerable Redis instances is probably much higher if instances with weak credentials, or already compromised through other vulnerabilities, are counted as well.
"The combination of widespread deployment, insecure default configurations and the severity of the vulnerability creates an urgent need for immediate remediation. Organizations must prioritize updating their Redis instances and implement adequate security controls to protect against exploitation," Wiz said.
Via BleepingComputer