IT SPARC Cast

Redis “RediShell” CVE-2025-49844: Cloud Infrastructure at Risk



In this week’s episode of IT SPARC Cast - CVE of the Week, John Barger and Lou Schmidt dive deep into CVE-2025-49844, a newly disclosed critical remote code execution vulnerability in Redis, the in-memory data store present in roughly 75% of cloud environments. The flaw, dubbed “RediShell”, carries a maximum CVSS score of 10.0 and affects every Redis release with Lua scripting enabled, which is the default. An attacker who can submit a crafted Lua script (for example through EVAL) can break out of the Lua sandbox, execute arbitrary native code on the host, and take full control of the server.


The bug has been in Redis for about 13 years. It is a use-after-free in the embedded Lua interpreter, and exploiting it lets an attacker escape the Lua sandbox, run code on the host, exfiltrate data, deploy crypto miners, or move laterally inside a cloud environment. The only precondition is the ability to issue Lua scripting commands, which every authenticated client has unless an ACL takes it away. Worse still, more than 60,000 internet-exposed Redis servers require no authentication at all, so anyone who can reach the port can trigger the bug.


John and Lou discuss how this happened, what you can do to secure your infrastructure, and why “cloud-hosted” doesn’t always mean “secure.”

Key Takeaways:

•Update to a patched version immediately: 8.2.2, 8.0.4, 7.4.6, 7.2.11 or 6.2.20 (the first fixed release on each maintained branch)

•Restrict network access: bind Redis to private interfaces, keep it behind firewall or VPC rules, and never expose it to the internet; until you can patch, use Redis ACLs to remove Lua scripting (the @scripting category, which covers EVAL and EVALSHA) from every user that does not need it

•Rotate all credentials and API keys that were stored in, or reachable from, an exposed Redis host

•Don’t run Redis as root; a dedicated unprivileged user limits what a successful sandbox escape can do

•Isolate any suspected-compromised host from the network before starting the investigation, so the attacker can neither clean up nor spread
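The checklist above as a runnable audit, added here as an example and not code from the podcast, from Redis or from the linked articles: a POSIX sh script that takes the text of `redis-cli INFO server` and `redis-cli ACL LIST`, decides from the version whether the host carries the fix, and flags any ACL user that can still reach Lua scripting or has no password. The fixed-version table is the one listed in the takeaways; the sample INFO and ACL output and the user names are constructed for illustration, not captured from a real host.

```shell
#!/bin/sh
# Added example (not from the IT SPARC Cast page, Redis or Wiz): an offline
# audit of the RediShell checklist. Input is the text of `redis-cli INFO
# server` and `redis-cli ACL LIST`. Only the fixed versions named in the
# show notes are encoded; any other release line is reported as vulnerable
# because no fix is listed for it.

# fixed_patch MAJOR MINOR -> first patch level of that branch with the fix,
# or nothing when the branch has no listed fix.
fixed_patch() {
  case "$1.$2" in
    8.2) echo 2 ;;
    8.0) echo 4 ;;
    7.4) echo 6 ;;
    7.2) echo 11 ;;
    6.2) echo 20 ;;
    *)   echo "" ;;
  esac
}

# redis_patched VERSION -> exit 0 if VERSION (e.g. 7.2.11) is at or above
# the fixed release of its branch, 1 otherwise. Compares numerically, so
# 8.2.10 is correctly newer than 8.2.2.
redis_patched() {
  set -f; oldifs=$IFS; IFS=.
  set -- $1
  IFS=$oldifs; set +f
  maj=$1; min=${2:-0}; pat=${3:-0}
  pat=${pat%%[!0-9]*}          # drop suffixes such as "-rc1"
  fix=$(fixed_patch "$maj" "$min")
  [ -n "$fix" ] || return 1
  [ "${pat:-0}" -ge "$fix" ]
}

# info_version INFO_TEXT -> the redis_version field from INFO output
# (tolerates the CRLF line endings redis-cli prints when piped).
info_version() {
  printf '%s\n' "$1" | sed -n 's/^redis_version:\([0-9.][0-9.]*\).*/\1/p'
}

# acl_allows_scripting ACL_LINE -> exit 0 if the user described by one
# `ACL LIST` line can run Lua. Rules apply left to right, last one wins;
# only the @all/@scripting categories and EVAL/EVALSHA are modelled, which
# is enough to spot a user that never got -@scripting.
acl_allows_scripting() {
  allowed=no
  set -f
  for tok in $1; do
    case "$tok" in
      +@all|allcommands|+@scripting|+eval|+evalsha) allowed=yes ;;
      -@all|nocommands|-@scripting)                 allowed=no  ;;
    esac
  done
  set +f
  [ "$allowed" = yes ]
}

# check_host INFO_TEXT ACL_TEXT -> prints one line per finding; exit 0 when
# the host is patched and no user can script or log in without a password.
check_host() {
  rc=0
  ver=$(info_version "$1")
  if [ -z "$ver" ]; then
    echo "could not read redis_version from INFO output"; rc=1
  elif redis_patched "$ver"; then
    echo "redis $ver: fixed for CVE-2025-49844"
  else
    echo "redis $ver: VULNERABLE, upgrade to 8.2.2/8.0.4/7.4.6/7.2.11/6.2.20"; rc=1
  fi
  set -f; oldifs=$IFS; IFS='
'
  for rule in $2; do
    IFS=$oldifs
    name=${rule#user }; name=${name%% *}
    if acl_allows_scripting "$rule"; then
      echo "user '$name': can run EVAL/EVALSHA; consider ACL SETUSER $name -@scripting"; rc=1
    fi
    case " $rule " in
      *" nopass "*) echo "user '$name': no password, anyone reaching the port can connect"; rc=1 ;;
    esac
  done
  IFS=$oldifs; set +f
  return $rc
}

# Constructed samples, not captured from a real host.
SAMPLE_INFO='# Server
redis_version:7.2.10
redis_mode:standalone'
SAMPLE_ACLS='user default on nopass ~* &* +@all
user app on #9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08 ~app:* &* -@all +@read +@write -@scripting'

if check_host "$SAMPLE_INFO" "$SAMPLE_ACLS"; then
  echo "host looks clean"
else
  echo "host needs attention"
fi
```

Against a live host, capture the two outputs first (`redis-cli -h HOST INFO server > info.txt; redis-cli -h HOST ACL LIST > acls.txt`) and call `check_host "$(cat info.txt)" "$(cat acls.txt)"`. The ACL model is deliberately small: it tracks the @all and @scripting categories plus EVAL/EVALSHA, so a rule set that grants scripting through individually listed commands such as FCALL would need another case in `acl_allows_scripting`.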


Lou calls it “a 10 on the oh-crap-ometer”—and he’s not wrong.


https://thehackernews.com/2025/10/13-year-redis-flaw-exposed-cvss-100.html

https://www.darkreading.com/cloud-security/patch-now-redishell-redis-rce

IT SPARC Cast, by John Barger