Artificial Intelligence & Machine Learning , Governance & Risk Management , Next-Generation Technologies & Secure Development

Amazon Web Services Warns of TorchServe Flaws

Open-Source Tool Used by Global Enterprises Working With AI
Amazon Web Services Warns of TorchServe Flaws
Image: Shutterstock

A clutch of vulnerabilities in an open-source tool used by major corporations to scale up machine learning models could lead to remote takeover, said a cybersecurity firm in a warning downplayed by Meta, which co-manages the open-source project.

See Also: OnDemand | Practical Strategies for Accelerating AI Adoption in Cybersecurity

Israeli security firm Oligo in a Tuesday blog post called a trio of TorchServe vulnerabilities, including one it discovered, "ShellTorch."

TorchServe is an optional tool in the PyTorch library, "one of the world's most-used machine learning frameworks," as Oligo describes it. "PyTorch presents an attractive target to attackers who want to breach AI-based systems," it said in the blog post.

The vulnerability it discovered, tracked as CVE-2023-43654 allows an attacker to upload a malicious model to the server, the company said. Combined with a common misconfiguration that leaves TorchServe servers open to the internet and a previous flaw from 2022 that converts a Java message into a malicious object that can execute arbitrary code - a technique known as deserialization - hackers can "remotely run code with high privileges without any authentication," Oligo said.

Amazon Web Services, which along with social media giant Meta runs the TorchServe project, issued an advisory on Monday. Google also published an advisory on Tuesday.

A Meta spokesperson told Information Security Media Group that the new vulnerability isn't a problem for users who updated TorchServe weeks ago. "The issues in TorchServe - an optional tool for PyTorch - were patched in August rendering the exploit chain described in this blog post moot," the spokesperson said.

Neither AWS nor Oligo have reported active exploitation of ShellTorch.

About the Author

Mihir Bagwe

Mihir Bagwe

Principal Correspondent, Global News Desk, ISMG

Bagwe previously worked at CISO magazine, reporting the latest cybersecurity news and trends and interviewing cybersecurity subject matter experts.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.