Experiencing a Breach?Blog
Get StartedContact Us
SentinelOne
Get StartedContact Us
CVE Vulnerability Database
Vulnerability Database/CVE-2025-66034

CVE-2025-66034: Fonttools Fonttools RCE Vulnerability

CVE-2025-66034 is a remote code execution flaw in Fonttools Fonttools that allows arbitrary file writes through malicious .designspace files. This article covers the technical details, affected versions, and mitigation.

Published:

CVE-2025-66034 Overview

CVE-2025-66034 is a critical arbitrary file write vulnerability in fontTools, a widely-used Python library for manipulating fonts. The vulnerability exists in the fonttools varLib module (or python3 -m fontTools.varLib script) and affects versions from 4.33.0 to before 4.60.2. When a maliciously crafted .designspace file is processed, an attacker can achieve arbitrary file write capabilities, which can escalate to remote code execution.

The vulnerability specifically impacts the main() code path of fontTools.varLib, affecting both the fonttools varLib CLI and any code that programmatically invokes fontTools.varLib.main(). This makes it particularly dangerous in automated font processing pipelines, CI/CD systems, and web services that accept user-supplied font files.

Critical Impact

Attackers can achieve remote code execution by exploiting arbitrary file write capabilities through maliciously crafted .designspace files processed by fontTools varLib.

Affected Products

  • fonttools versions 4.33.0 through 4.60.1
  • Applications using fontTools.varLib.main() for font processing
  • Systems running fonttools varLib CLI with untrusted input

Discovery Timeline

  • 2025-11-29 - CVE CVE-2025-66034 published to NVD
  • 2025-12-03 - Last updated in NVD database

Technical Details for CVE-2025-66034

Vulnerability Analysis

This vulnerability is classified as CWE-91 (XML Injection), stemming from improper handling of the filename attribute in .designspace XML files. The root issue lies in how fontTools processes the variable font filename specification without properly validating and sanitizing the path components.

When processing a .designspace file, fontTools extracts the filename value intended for the output variable font. Prior to the patch, the library would use this filename directly without stripping directory path components, allowing an attacker to specify arbitrary paths using directory traversal sequences. This enables writing font output files to arbitrary locations on the filesystem.

The ability to write arbitrary files with controlled content provides a direct path to remote code execution. An attacker could overwrite critical system files, inject malicious code into Python modules, or place executable files in locations where they would be automatically executed.

Root Cause

The vulnerability originates from insufficient input validation in the .designspace file parsing logic. The filename attribute, which should only contain a simple basename (e.g., MyFont.ttf), was being used without extracting just the basename component. This allowed attackers to include directory separators (/ or \) and path traversal sequences (../) in the filename, causing output files to be written outside the intended directory.

Attack Vector

The attack vector is network-based and requires no authentication or user interaction. An attacker can exploit this vulnerability by:

  1. Crafting a malicious .designspace XML file with a filename containing path traversal sequences
  2. Submitting this file to any system that processes designspace files using fontTools varLib
  3. The arbitrary file write occurs when fontTools processes the malicious input
  4. Depending on the target location and file content, this can lead to immediate code execution
python
# Security patch in Lib/fontTools/designspaceLib/__init__.py - varLib: only use the basename(vf.filename)
         in the document**. The file may or may not exist.

         If not specified, the :attr:`name` will be used as a basename for the file.
+
+        .. note::
+            This is intended to be a simple filename (basename or stem) only.
+            Build tools will only use the basename component and ignore any
+            directory separators for security reasons.
         """
         self.axisSubsets: List[
             Union[RangeAxisSubsetDescriptor, ValueAxisSubsetDescriptor]

Source: GitHub Commit Reference

Detection Methods for CVE-2025-66034

Indicators of Compromise

  • Unexpected font files appearing in system directories or outside designated output folders
  • .designspace files containing directory traversal patterns (e.g., ../, /etc/, C:\) in filename attributes
  • Process execution anomalies originating from fonttools varLib processing
  • File system events showing writes to sensitive locations during font processing operations

Detection Strategies

  • Monitor fontTools varLib invocations for input files containing suspicious filename patterns in XML content
  • Implement file integrity monitoring on critical system directories to detect unauthorized writes
  • Audit Python environments for fonttools versions in the affected range (4.33.0 to 4.60.1)
  • Deploy YARA rules to detect malicious .designspace files with path traversal in filename attributes

Monitoring Recommendations

  • Enable detailed logging for font processing pipelines to capture input file contents and output paths
  • Configure SentinelOne's Storyline technology to track process chains involving fonttools varLib execution
  • Set up alerts for file write operations to sensitive directories during font processing workflows
  • Monitor for new Python module files or modifications to existing modules in site-packages directories

How to Mitigate CVE-2025-66034

Immediate Actions Required

  • Upgrade fonttools to version 4.60.2 or later immediately
  • Audit systems for any fonttools installations in the affected version range using pip show fonttools
  • Review recent font processing operations for any suspicious .designspace files
  • Implement input validation for any user-supplied font files before processing

Patch Information

The vulnerability has been patched in fonttools version 4.60.2. The fix ensures that only the basename component of the filename attribute is used, ignoring any directory separators or path components. This prevents attackers from writing files outside the intended output directory.

To update fonttools, run:

bash
pip install --upgrade fonttools>=4.60.2

For additional details, refer to the GitHub Security Advisory GHSA-768j and the security patch commit.

Workarounds

  • Isolate font processing in sandboxed environments with restricted file system permissions
  • Validate .designspace files before processing, rejecting any with directory separators in filename attributes
  • Run fonttools varLib with minimal file system permissions using dedicated service accounts
  • Implement chroot or container isolation for font processing pipelines to limit blast radius
bash
# Configuration example: Create isolated environment for font processing
# Create dedicated user with minimal permissions
sudo useradd -r -s /bin/false fontprocessor

# Set up restricted directory for font operations
mkdir -p /opt/fonttools/input /opt/fonttools/output
chown -R fontprocessor:fontprocessor /opt/fonttools
chmod 700 /opt/fonttools

# Run fonttools with restricted permissions
sudo -u fontprocessor python3 -m fontTools.varLib /opt/fonttools/input/fonts.designspace -o /opt/fonttools/output/

Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.

Experience the World’s Most Advanced Cybersecurity Platform

Experience the World’s Most Advanced Cybersecurity Platform

See how our intelligent, autonomous cybersecurity platform can protect your organization now and into the future.

Try SentinelOne