Tuesday, November 12, 2024
Homecyber securityShellTorch Flaw Exposes Thousands of AI Servers to RCE Attacks

ShellTorch Flaw Exposes Thousands of AI Servers to RCE Attacks

Published on

Malware protection

ShellTorch Serve is an open-source model-serving library developed by PyTorch that simplifies the deployment of machine learning models for inference in production environments. 

It provides a scalable and efficient way to serve PyTorch models, making integrating them into applications and services easier.

The Oligo Security team found critical vulnerabilities, including CVE-2023-43654, enabling full chain RCE (Remote Code Execution). 

- Advertisement - SIEM as a Service

Thousands of exposed instances, even in major organizations, risk the following things:-

  • Unauthorized access
  • Malicious AI model insertion
  • Complete server takeover

AI models are now essential for critical tasks, from safety to security, but they also demand trust with sensitive data, impacting global conflicts and crucial decisions.

Document
FREE Demo

Deploy Advanced AI-Powered Email Security Solution

Implementing AI-Powered Email security solutions “Trustifi” can secure your business from today’s most dangerous email threats, such as Email Tracking, Blocking, Modifying, Phishing, Account Take Over, Business Email Compromise, Malware & Ransomware

PyTorch

PyTorch, a leading ML framework, stands at the intersection of AI and open-source libraries. In late 2022, attackers exploited dependency confusion to compromise PyTorch, introducing malicious code.

TorchServe, an influential PyTorch model-serving framework backed by Meta and Amazon, boasts widespread adoption in research and industry, including giants like-

  • Walmart
  • Tesla
  • Google

It’s central to various projects and available as a managed service on major cloud platforms.

Experts found tens of thousands of exposed IP addresses, including Fortune 500 companies, vulnerable to Oligo’s discovered flaws in TorchServe versions before 0.8.2, enabling:- 

  • Remote code execution
  • Server takeover
  • Data theft

Exploiting ShellTorch CVE-2023-43654 allows an attacker to gain server control through API misconfigurations, SSRF vulnerabilities, and unsafe deserialization, potentially compromising AI models and sensitive data.

Vulnerabilities

There are three vulnerabilities, and we have mentioned them:-

  • Unauthenticated Management Interface API Misconfiguration
  • Remote Server-Side Request Forgery that Leads to RCE – CVE-2023-43654 (NVD, CVSS: 9.8)
  • Java Deserialization RCE – CVE-2022-1471 (GHSA, CVSS: 9.9)

Security Risks in AI

2023, “The Year of AI,” sees rapid innovation and fierce competition. Open-source tools drive AI growth but introduce significant security risks, challenging the balance between innovation and vulnerability in a hypergrowing AI industry.

Oligo’s discovered vulnerabilities illustrate real-world risks in the recent OWASP Top 10 for LLM Applications, including:-

  • Supply Chain Vulnerabilities
  • Model Theft
  • Model injection

ShellTorch vulnerabilities highlight the risk even in widely trusted projects maintained by top companies. Managed services by trusted providers may still have vulnerabilities. 

Even default self-managed containers by Amazon and Google were vulnerable to ShellTorch, although both companies have issued updates and advisories.

Mitigations

Here below, we have mentioned all the mo=itigations offered by the security experts:-

  • Update TorchServe to 0.8.2 or higher, but note that this update only adds a warning, not a fix, for the SSRF vulnerability.
  • To limit potential impacts, configure the management console correctly to prevent remote access using default settings.
  • Ensure your server fetches models exclusively from domains that are trusted.

Protect yourself from vulnerabilities using Patch Manager Plus to quickly patch over 850 third-party applications. Take advantage of the free trial to ensure 100% security.

Tushar Subhra
Tushar Subhra
Tushar is a Cyber security content editor with a passion for creating captivating and informative content. With years of experience under his belt in Cyber Security, he is covering Cyber Security News, technology and other news.

Latest articles

VMware Workstation & Fusion Now Available for Free to All Users

VMware has announced that its popular desktop hypervisor products, VMware Workstation and VMware Fusion,...

Dell Enterprise SONiC Flaw Let Attackers Hijack the System

Dell Technologies has disclosed multiple critical security vulnerabilities in its Enterprise SONiC OS, which...

Amazon Confirms Employee Data Breach Via Third-party Vendor

Amazon has confirmed that sensitive employee data was exposed due to a breach at...

10 Best DNS Management Tools – 2025

Best DNS Management Tools play a crucial role in efficiently managing domain names and...

Free Webinar

Protect Websites & APIs from Malware Attack

Malware targeting customer-facing websites and API applications poses significant risks, including compliance violations, defacements, and even blacklisting.

Join us for an insightful webinar featuring Vivek Gopalan, VP of Products at Indusface, as he shares effective strategies for safeguarding websites and APIs against malware.

Discussion points

Scan DOM, internal links, and JavaScript libraries for hidden malware.
Detect website defacements in real time.
Protect your brand by monitoring for potential blacklisting.
Prevent malware from infiltrating your server and cloud infrastructure.

More like this

VMware Workstation & Fusion Now Available for Free to All Users

VMware has announced that its popular desktop hypervisor products, VMware Workstation and VMware Fusion,...

Dell Enterprise SONiC Flaw Let Attackers Hijack the System

Dell Technologies has disclosed multiple critical security vulnerabilities in its Enterprise SONiC OS, which...

Amazon Confirms Employee Data Breach Via Third-party Vendor

Amazon has confirmed that sensitive employee data was exposed due to a breach at...