SecurityWeek


Critical PyTorch Vulnerability Can Lead to Sensitive AI Data Theft

A critical vulnerability in the PyTorch distributed RPC framework could be exploited for remote code execution.

A critical-severity vulnerability in the PyTorch machine learning library could be exploited for remote code execution.

Impacting the distributed RPC (Remote Procedure Call) framework of PyTorch and tracked as CVE-2024-5480, the issue exists because the framework does not verify the functions called during RPC operations.

The framework is used in distributed training, and the flaw can be exploited for arbitrary command execution during multi-CPU RPC communication by abusing built-in Python functions such as eval.

“The vulnerability arises from the lack of restriction on function calls when a worker node serializes and sends a PythonUDF (User Defined Function) to the master node, which then deserializes and executes the function without validation,” a NIST advisory reads.

Huntr, a bug bounty platform for AI and ML, explains that when the distributed RPC framework is used for multi-CPU RPC communication, worker nodes can use specific functions to serialize and package functions and tensors into a PythonUDF that is then sent to the master node.

“Master deserializes the received PythonUDF data and calls the _run_function. This allows the worker to execute the specified function, but since there is no restriction on function calls, it can lead to remote code execution by calling built-in Python functions like eval,” Huntr explains.

An attacker able to act as a worker node in the RPC group can exploit the vulnerability to compromise the master node that initiates the distributed training, which could result in the theft of sensitive AI data held by that node.
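The following is an added, simplified model of the pattern described above; it is not PyTorch's own code, and the JSON wire format, the dotted-name `func` field and the function names used here are assumptions for illustration. The vulnerable handler resolves and calls whatever function the worker names in the received PythonUDF, so naming `builtins.eval` gives the worker code execution on the master; the hardened handler only dispatches to a fixed allowlist of registered callables, which is the kind of restriction the advisory says was missing.

```python
"""Illustrative model of the CVE-2024-5480 pattern (not PyTorch code).

A worker sends a serialized PythonUDF (function + arguments) to the master,
which deserializes it and runs it. Two master-side dispatchers are shown:
one that calls any named function, one that only calls allowlisted ones.
"""
import importlib
import json
import math
import os
from dataclasses import dataclass, field, asdict
from typing import Any, Callable, Dict


@dataclass
class PythonUDF:
    # Assumed wire shape: dotted path of the callable plus its arguments.
    func: str
    args: tuple = ()
    kwargs: Dict[str, Any] = field(default_factory=dict)


def serialize(udf: PythonUDF) -> bytes:
    # Worker side: package the UDF for transport (JSON stands in for the
    # real serialization; the vulnerability is in dispatch, not transport).
    return json.dumps(asdict(udf)).encode()


def deserialize(data: bytes) -> PythonUDF:
    # Master side: rebuild the UDF from the received bytes.
    d = json.loads(data)
    return PythonUDF(d["func"], tuple(d["args"]), d["kwargs"])


def _resolve(path: str) -> Callable:
    # Turn "module.name" into the actual callable, whatever it is.
    module, _, name = path.rpartition(".")
    return getattr(importlib.import_module(module), name)


def run_function_unrestricted(udf: PythonUDF) -> Any:
    # VULNERABLE: no check on which function the worker asked for, so
    # "builtins.eval" with an attacker-chosen string runs on the master.
    fn = _resolve(udf.func)
    return fn(*udf.args, **udf.kwargs)


# Hardened: the master only exposes functions it deliberately registered.
ALLOWED_FUNCTIONS: Dict[str, Callable] = {
    "math.sqrt": math.sqrt,
    "builtins.sum": sum,
}


def run_function_allowlisted(udf: PythonUDF,
                             registry: Dict[str, Callable] = ALLOWED_FUNCTIONS) -> Any:
    # Look the name up in the registry instead of importing it; anything
    # not registered (eval, exec, os.system, ...) is rejected outright.
    fn = registry.get(udf.func)
    if fn is None:
        raise PermissionError(f"RPC function not allowed: {udf.func}")
    return fn(*udf.args, **udf.kwargs)


def demo():
    """Run a benign UDF and a malicious one through both dispatchers.

    Returns (benign_result, exploit_ran, exploit_blocked).
    """
    benign = deserialize(serialize(PythonUDF("math.sqrt", (16,))))
    # Constructed malicious UDF: harmless payload that proves eval executed.
    evil = deserialize(serialize(
        PythonUDF("builtins.eval", ("__import__('os').getpid()",))))

    exploit_ran = run_function_unrestricted(evil) == os.getpid()
    try:
        run_function_allowlisted(evil)
        exploit_blocked = False
    except PermissionError:
        exploit_blocked = True

    return run_function_allowlisted(benign), exploit_ran, exploit_blocked


if __name__ == "__main__":
    print(demo())  # (4.0, True, True)
```

The registry approach is deliberately stricter than a denylist: blocking `eval` alone leaves `exec`, `os.system`, `subprocess.*` and `importlib.import_module` reachable, whereas an allowlist only grows when the master's operator adds an entry.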

CVE-2024-5480 has been assigned a CVSS score of 10. It was reported on April 12 and affects PyTorch 2.2.2 and earlier; the current release of the library is version 2.3.1.


The researcher who reported the vulnerability received a $1,500 bug bounty reward for the finding.

Related: Details of Atlassian Confluence RCE Vulnerability Disclosed

Related: Progress Patches Critical Vulnerability in Telerik Report Server

Related: CISA Warns of Attacks Exploiting Old Oracle WebLogic Vulnerability

Written by Ionut Arghire, an international correspondent for SecurityWeek.
