Researchers Uncover Flaws in Popular Open-Source Machine Learning Frameworks
Briefly

Hijacking an ML client inside an organization can give attackers extensive lateral movement, because an ML client is very likely to hold credentials for important ML services such as model registries or MLOps pipelines.
The newly detailed vulnerabilities target ML clients and reside in libraries that handle nominally safe model formats such as Safetensors, so a safe file format on its own does not make the loading code safe; successful exploitation can expose sensitive information.
CVE-2024-27132 in MLflow, for example, allows a cross-site scripting attack when an untrusted recipe is run, which escalates to client-side remote code execution.
Unsafe deserialization in H2O when an untrusted model is imported can lead to code execution, and a path traversal in PyTorch's TorchScript allows arbitrary file overwrite, which can be used to clobber critical system files.
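The two client-side bug classes named above, unsafe deserialization of a model file and path traversal in an archive-based model format, reproduced on constructed inputs. This is an added illustration written for this summary, not code from The Hacker News, JFrog, H2O or PyTorch, and it does not reproduce the actual H2O or TorchScript bugs: the `MaliciousModel` payload, the `SENTINEL` marker, the allowlist in `RestrictedUnpickler`, the zip members and the `/tmp/model_cache` destination are all assumptions made for the demo. The pickle payload only sets an environment variable so its effect is observable without touching the system; a real one would call `os.system`.

```python
# Added example (not code from The Hacker News, JFrog, H2O or PyTorch): the two
# client-side bug classes from the summary reproduced on constructed inputs.
# Part 1: a model file that runs code when a loader calls pickle.loads on it,
# and a restricted unpickler that refuses it.
# Part 2: an archive-based model file (TorchScript models are zip archives)
# with members that escape the extraction directory, and the path check a
# custom extractor needs before writing anything.
import io
import os
import pickle
import zipfile

# Hypothetical marker the demo payload sets so the effect is observable in-process.
SENTINEL = "ML_CLIENT_PAYLOAD_RAN"


class MaliciousModel:
    """Constructed object whose pickle stream executes during unpickling.

    __reduce__ makes pickle emit "call builtins.eval(payload)"; a real
    attacker would call os.system instead. The demo payload only sets an
    environment variable in the current process."""

    def __reduce__(self):
        payload = f"__import__('os').environ.__setitem__({SENTINEL!r}, '1')"
        return (eval, (payload,))


def build_malicious_model() -> bytes:
    # The class itself is not referenced in the stream, only builtins.eval.
    return pickle.dumps(MaliciousModel())


def unsafe_load(data: bytes):
    """What a naive model loader does with attacker-controlled bytes."""
    return pickle.loads(data)


def payload_ran() -> bool:
    return os.environ.get(SENTINEL) == "1"


class RestrictedUnpickler(pickle.Unpickler):
    """Resolve only allowlisted globals; eval/os/subprocess never get loaded."""

    ALLOWED = {("collections", "OrderedDict"), ("builtins", "dict"), ("builtins", "list")}

    def find_class(self, module, name):
        if (module, name) in self.ALLOWED:
            return super().find_class(module, name)
        raise pickle.UnpicklingError(f"refusing global {module}.{name}")


def safe_load_rejects(data: bytes) -> bool:
    """True if the restricted loader refuses the stream instead of running it."""
    try:
        RestrictedUnpickler(io.BytesIO(data)).load()
    except pickle.UnpicklingError:
        return True
    return False


def build_traversal_archive() -> bytes:
    """Constructed zip with a benign member and two members that escape the
    extraction directory (a relative climb and an absolute path)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("model/weights.bin", b"\x00" * 16)
        zf.writestr("model/../../../../tmp/owned.txt", b"attacker data")
        zf.writestr("/etc/absolute.txt", b"attacker data")
    return buf.getvalue()


def vet_archive_members(zip_bytes: bytes, dest_dir: str) -> dict:
    """Classify members before extraction: a member is allowed only if its
    resolved destination stays inside dest_dir. Nothing is written to disk."""
    dest_root = os.path.realpath(dest_dir)
    verdict = {"allowed": [], "rejected": []}
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        for name in zf.namelist():
            # os.path.join discards dest_root when name is absolute, and
            # realpath collapses "..", so both escape styles end up outside.
            target = os.path.realpath(os.path.join(dest_root, name))
            inside = os.path.commonpath([dest_root, target]) == dest_root
            verdict["allowed" if inside else "rejected"].append(name)
    return verdict


if __name__ == "__main__":
    blob = build_malicious_model()
    print("restricted loader rejects:", safe_load_rejects(blob))
    unsafe_load(blob)
    print("naive loader ran attacker code:", payload_ran())
    print(vet_archive_members(build_traversal_archive(), "/tmp/model_cache"))
```

The restricted unpickler is a stopgap, not a fix: an allowlist is only as safe as the least harmful callable on it, which is why loaders move to formats like Safetensors that carry tensors and metadata but no code. The archive check matters for code that extracts members by hand; Python's own `ZipFile.extractall` already strips leading slashes and `..` components, so a loader that bypasses it must do that sanitization itself.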
Read at The Hacker News