BIT-mlflow-2024-37053
Deserialization of untrusted data vulnerability in mlflow (PyPI)
What is BIT-mlflow-2024-37053 About?
This vulnerability involves the deserialization of untrusted data in MLflow platform versions 1.1.0 or newer. It enables arbitrary code execution on an end user's system by exploiting a maliciously uploaded scikit-learn model. Exploitation requires user interaction with the malicious model.
Affected Software
Technical Details
The vulnerability stems from insecure deserialization of untrusted data within the MLflow platform, affecting versions 1.1.0 and newer. Specifically, an attacker can upload a specially crafted scikit-learn model (or other serialized object types) that, when deserialized, triggers the execution of arbitrary code. This can occur when an end user interacts with or loads the malicious model within their MLflow environment. The inherent trust in model artifacts within a machine learning platform allows the attacker to leverage the deserialization process as an arbitrary code execution vector.
What is the Impact of BIT-mlflow-2024-37053?
Successful exploitation may allow attackers to achieve arbitrary code execution on the end user's system, leading to full system compromise, data theft, or further network penetration.
What is the Exploitability of BIT-mlflow-2024-37053?
Exploitation complexity is moderate, requiring the attacker to craft a malicious serialized model. Authentication is likely required to upload a model to the MLflow platform, and the attacker would need the privileges to do so. This is typically a remote vulnerability, where an attacker uploads a malicious model that is then downloaded and deserialized by a user. User interaction is required, as the model needs to be loaded or interacted with by an end-user for the code to execute. Risk factors include MLflow deployments that allow untrusted users to upload models or where model integrity is not verified before deserialization.
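A pre-load check for the risk factor named above (model integrity not verified before deserialization), as an added example that is not from the advisory or from MLflow: it lists the imports a pickled artifact requests, without unpickling it, and reports any outside an allowlist. The allowlist contents, function names and sample byte strings are assumptions constructed for illustration; passing the check narrows what a pickle can import but does not make an untrusted pickle safe to load.

```python
import pickle
import pickletools
from collections import OrderedDict

# Assumption: top-level packages a scikit-learn artifact is expected to import.
ALLOWED_ROOTS = {"sklearn", "numpy", "scipy"}
_STORE = {"PUT", "BINPUT", "LONG_BINPUT"}
_FETCH = {"GET", "BINGET", "LONG_BINGET"}

def referenced_globals(data):
    """List the 'module.name' imports a pickle requests, without unpickling it."""
    found, recent, memo = set(), [], {}
    for op, arg, _pos in pickletools.genops(data):
        if op.name in ("GLOBAL", "INST"):        # protocols 0-3: arg is "module name"
            found.add(".".join(arg.split(" ", 1)))
            recent.append(None)
        elif op.name == "STACK_GLOBAL":          # protocol 4+: both names are on the stack
            pair = recent[-2:]
            ok = len(pair) == 2 and all(isinstance(s, str) for s in pair)
            found.add(".".join(pair) if ok else "<unresolved>")  # fail closed
            recent.append(None)
        elif op.name.startswith("EXT"):          # copyreg extension codes: cannot resolve
            found.add("<unresolved>")
            recent.append(None)
        elif op.name == "MEMOIZE":
            memo[len(memo)] = recent[-1] if recent else None
        elif op.name in _STORE:
            memo[arg] = recent[-1] if recent else None
        elif op.name in _FETCH:
            recent.append(memo.get(arg))
        elif op.name not in ("PROTO", "FRAME"):  # any other opcode: keep strings only
            is_str = isinstance(arg, str) and op.name != "PERSID"
            recent.append(arg if is_str else None)
    return sorted(found)

def disallowed_globals(data, allowed=ALLOWED_ROOTS):
    """Imports whose top-level package is not allowlisted; an empty list passes."""
    return [g for g in referenced_globals(data) if g.split(".", 1)[0] not in allowed]

# Constructed samples: plain data, and a class reference outside the allowlist
# in the protocol 4 (STACK_GLOBAL) and protocol 2 (GLOBAL) encodings.
PLAIN = pickle.dumps({"coef": [0.1, 0.2]}, protocol=4)
UNLISTED = pickle.dumps(OrderedDict, protocol=4)
LEGACY = pickle.dumps(OrderedDict, protocol=2, fix_imports=False)

if __name__ == "__main__":
    for label, blob in (("plain", PLAIN), ("unlisted", UNLISTED), ("legacy", LEGACY)):
        print(label, disallowed_globals(blob) or "ok")
```

Run the check on the bytes of a downloaded model file before any loader touches it, and treat an exception raised by `pickletools.genops` (truncated or malformed data) as a rejection.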
What are the Known Public Exploits?
| PoC Author | Link | Commentary |
|---|---|---|
| No known exploits | | |
What are the Available Fixes for BIT-mlflow-2024-37053?
Available Upgrade Options
- No fixes available
Additional Resources
What are Similar Vulnerabilities to BIT-mlflow-2024-37053?
Similar Vulnerabilities: CVE-2023-50478, CVE-2022-38688, CVE-2021-44228, CVE-2020-2555, CVE-2019-12384
