CyberSecurity news
A critical Remote Code Execution (RCE) vulnerability, identified as CVE-2025-32434, has been discovered in PyTorch, a widely used open-source machine learning framework. This flaw, detected by security researcher Ji’an Zhou, undermines the safety of the `torch.load()` function, even when configured with `weights_only=True`. This parameter was previously trusted to prevent unsafe deserialization, making the vulnerability particularly concerning for developers who relied on it as a security measure. The discovery challenges long-standing security assumptions within machine learning workflows.
This vulnerability affects PyTorch versions 2.5.1 and earlier and has been assigned a CVSS v4 score of 9.3, indicating a critical security risk. Attackers can exploit the flaw by crafting malicious model files that bypass deserialization restrictions, allowing them to execute arbitrary code on the target system during model loading. The impact is particularly severe in cloud-based AI environments, where compromised models could lead to lateral movement, data breaches, or data exfiltration. As Ji'an Zhou noted, the vulnerability is paradoxical because developers often use `weights_only=True` to mitigate security issues, unaware that it can still lead to RCE.
To address this critical issue, the PyTorch team has released version 2.6.0. Users are strongly advised to immediately update their PyTorch installations. For systems that cannot be updated immediately, the only viable workaround is to avoid using `torch.load()` with `weights_only=True` entirely. Alternative model-loading methods, such as using explicit tensor extraction tools, are recommended until the patch is applied. With proof-of-concept exploits likely to emerge soon, delayed updates risk widespread system compromises.
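One way to triage exposure to the issue described above, as an added example that is not from the article or from the PyTorch project: it compares a version string against the fixed release 2.6.0 and lists every `torch.load()` call site in a source file with its `weights_only` setting. The function names and the sample source are hypothetical.

```python
import ast
import re
FIXED = (2, 6, 0)  # first fixed release according to the article

def is_affected(version):
    """True if a torch version string (e.g. '2.5.1+cu121') predates 2.6.0."""
    m = re.match(r"(\d+)\.(\d+)(?:\.(\d+))?", version)
    if not m:
        raise ValueError(f"unrecognised version: {version!r}")
    # Assumption: only the numeric release is compared; local/dev tags are ignored.
    return tuple(int(g or 0) for g in m.groups()) < FIXED

def find_torch_load_calls(source):
    """Return sorted [(line, setting)]; setting is True/False/unset/dynamic."""
    tree = ast.parse(source)
    modules, funcs = set(), set()  # names bound to torch / to torch.load
    for node in ast.walk(tree):
        if isinstance(node, ast.Import):
            modules.update(a.asname or "torch" for a in node.names if a.name == "torch")
        elif isinstance(node, ast.ImportFrom) and node.module == "torch":
            funcs.update(a.asname or "load" for a in node.names if a.name == "load")
    hits = []
    for node in ast.walk(tree):
        if not isinstance(node, ast.Call):
            continue
        f = node.func
        via_module = (isinstance(f, ast.Attribute) and f.attr == "load"
                      and isinstance(f.value, ast.Name) and f.value.id in modules)
        via_name = isinstance(f, ast.Name) and f.id in funcs
        if not (via_module or via_name):
            continue
        setting = "unset"
        for kw in node.keywords:
            if kw.arg == "weights_only":
                setting = str(kw.value.value) if isinstance(kw.value, ast.Constant) else "dynamic"
        hits.append((node.lineno, setting))
    return sorted(hits)

# Constructed sample input, not taken from any real project.
SAMPLE = '''import torch as t
from torch import load
a = t.load("m.pt", weights_only=True)
b = load("m.pt")
c = t.load(path, weights_only=flag)
d = pickle.load(fh)
'''

if __name__ == "__main__":
    print(find_torch_load_calls(SAMPLE), is_affected("2.5.1+cu121"))
```

On an affected version, every reported call site that loads files from an untrusted source needs review, including those that pass `weights_only=True`.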