Security researchers at Wiz Research have discovered a critical vulnerability in the Redis in-memory database that could allow an attacker to gain remote code execution (RCE) capabilities and take over the host.
Dubbed “RediShell,” CVE-2025-49844 carries a maximum CVSS v3 score of 10.0 and stems from a 13-year-old use-after-free (UAF) memory corruption flaw in the Redis core source code.
The researchers demonstrated the proof-of-concept code during the Pwn2Own Berlin contest. They warned that many organizations were at risk of exploitation, as more than 75% of cloud environments have Redis deployments.
Redis critical vulnerability enables lateral movement
The Wiz Research team found that the RediShell critical vulnerability could allow an attacker to escape the Redis sandbox and gain RCE capabilities by sending specially crafted scripts written in the Lua programming language. The critical vulnerability affects all Redis versions because Lua scripting is supported by default.
“RediShell (CVE-2025-49844) represents a critical security vulnerability that affects all Redis versions due to its root cause in the underlying Lua interpreter.”
The researchers warned that escaping the sandbox could allow an attacker to gain complete control of the Redis host, enabling them to exfiltrate data, wipe or encrypt the database, hijack other resources, or traverse laterally across the cloud environment.
An attacker could also create a reverse shell to maintain persistence, steal credentials, including SSH keys, IAM tokens, and digital certificates, or install malware and cryptominers.
Meanwhile, Redis has released security patches for the RediShell critical vulnerability, and users have been advised to patch their systems immediately. The company also patched three additional, previously disclosed security flaws: CVE-2025-46817, CVE-2025-46818, and CVE-2025-46819.
“Given that Redis is used in an estimated 75% of cloud environments, the potential impact is extensive,” warned the researchers. “Organizations are strongly urged to patch instances immediately by prioritizing those that are exposed to the internet.”
Over 60,000 Redis instances are exposed to the RediShell critical vulnerability
While the security vulnerability requires authentication, Wiz researchers detected about 330,000 Redis instances exposed to the internet. Of these, approximately 60,000 lack authentication, creating the perfect conditions for exploitation.
“The combination of no authentication and exposure to the internet is highly dangerous, allowing anyone to query the Redis instance and, specifically, send Lua scripts (which are enabled by default),” they warned.
They also found that 57% of cloud environments deploy Redis as container images without proper security hardening.
“The official Redis container, by default, does not require authentication. Our analysis shows that 57% of cloud environments install Redis as an image. If not installed carefully, these instances may lack authentication entirely,” the researchers said.
Organizations that cannot immediately apply the security patches can disable Lua scripting, enable authentication, limit internet access, or run Redis on a non-privileged account.
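As an added example (not Wiz's or Redis's code), a small Python checker for the conditions the article lists: it parses a redis.conf and flags a missing password, a wildcard bind, protected mode switched off, and any enabled ACL user who can still reach the @scripting command category (the EVAL family, FUNCTION and SCRIPT). The two configs embedded in it are constructed samples, and the ACL semantics assumed are those of Redis 6+ (later rules override earlier ones).

```python
# Commands in Redis's @scripting ACL category (EVAL family, FUNCTION, SCRIPT).
SCRIPTING_CMDS = {"eval", "evalsha", "eval_ro", "evalsha_ro",
                  "fcall", "fcall_ro", "function", "script"}

def scripting_allowed(rules):
    """Apply ACL rules in order (later wins); return scripting commands still allowed."""
    allowed = set()
    for tok in rules:
        if tok in ("+@all", "allcommands", "+@scripting"):
            allowed = set(SCRIPTING_CMDS)
        elif tok in ("-@all", "nocommands", "-@scripting"):
            allowed = set()
        elif tok[:1] in "+-" and tok[1:] in SCRIPTING_CMDS:
            (allowed.add if tok[0] == "+" else allowed.discard)(tok[1:])
    return allowed

def audit(conf_text):
    """Return sorted finding tags for the given redis.conf text (constructed checker)."""
    binds, protected, requirepass, users = None, True, False, {}
    for line in conf_text.lower().splitlines():
        name, *args = line.split() or ["#"]          # redis.conf comments are whole lines
        if name == "bind":
            binds = [a.lstrip("-") for a in args]    # a leading '-' marks an optional address
        elif name == "protected-mode":
            protected = args == ["yes"]
        elif name == "requirepass":
            requirepass = bool(args) and args[0] not in ('""', "''")
        elif name == "user" and args:
            users.setdefault(args[0], []).extend(args[1:])
    if "default" not in users:  # implicit default user; requirepass gives it a password
        users["default"] = ["on", ">pw" if requirepass else "nopass", "~*", "&*", "+@all"]
    findings = set()
    if binds is None or any(b in ("0.0.0.0", "*", "::", "::*") for b in binds):
        findings.add("listens-on-all-interfaces")
    if not protected:   # protected mode shields an unauthenticated default user from remote clients
        findings.add("protected-mode-off")
    active = {n: r for n, r in users.items() if "off" not in r}  # disabled users are unusable
    for name, rules in active.items():
        if "nopass" in rules:
            findings.add(f"no-auth:{name}")
        if scripting_allowed(rules):
            findings.add(f"lua-scripting-reachable:{name}")
    return sorted(findings)

WEAK_CONF = "bind 0.0.0.0\nprotected-mode no\n"   # constructed: stock-container style, no ACLs
HARDENED_CONF = """bind 127.0.0.1 -::1
user default off
user app on >example-secret ~app:* &* -@all +@read +@write +@connection -@scripting
"""   # constructed: password-only app user with Lua denied, loopback only
```

Note that a `requirepass`-only config still reports `lua-scripting-reachable:default`, matching the article's point that authentication alone does not remove the Lua attack surface.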
“To mitigate risk, disable Lua for untrusted users, monitor Redis process behavior at the endpoint and network level, and isolate exposed nodes,” reiterated Piyush Sharma, CEO and co-founder of Tuskira. “Redis itself should adopt safer defaults and firewall protections to reduce public exposure.”
“Ultimately, this incident highlights why organizations must adopt preemptive defense strategies that identify and neutralize threats before they’re exploited,” he added.
Meanwhile, the Wiz Research team did not say whether threat actors have exploited the Redis critical vulnerability. Nevertheless, attackers previously exploited another Lua sandbox escape, CVE-2022-0543 (CVSS 10.0), to distribute the Rust-based peer-to-peer P2PInfect worm.
Palo Alto’s Unit 42 threat intelligence team warned that the worm was highly potent as it targets Redis instances on Windows and Linux servers.
“This newly disclosed Redis vulnerability is a reminder that technical debt doesn’t just live in code, it lives in configuration. Thirteen years of latent risk surfaced because default settings and weak segmentation went unobserved,” concluded Anders Askasen, VP of Product Marketing, Radiant Logic.