Remote Code Execution in pytorch/pytorch
CVE-2024-5480

10CRITICAL

Key Information:

Vendor: Pytorch
Status: Pytorch/pytorch
Vendor: CVE Published:; 6 June 2024

Badges

👾 Exploit Exists📰 News Worthy

What is CVE-2024-5480?

A vulnerability related to unauthorized access was identified in a widely used software product. While intended to bolster secure operations, this vulnerability exposes the system to potential security risks, emphasizing the importance of continual vigilance in monitoring software updates and adhering to established security protocols. The situation underscores the necessity for organizations to conduct regular security audits and apply patches promptly to maintain a robust security posture.

Affected Version(s)

pytorch/pytorch <= unspecified

News Articles

Cyber Security Informer

CVE-2024-34331 CVE-2024-5480

Top Cyber Security Informer Artificial Intelligence Penetration Testing Content for Week of Jun 01 - Jun 07, 2024

Best content around Artificial Intelligence Penetration Testing selected by the Cyber Security Informer community.

thmubnail image

Critical PyTorch Vulnerability Can Lead to Sensitive AI Data Theft

A critical vulnerability in the PyTorch distributed RPC framework could be exploited for remote code execution.

thmubnail image

References

https://huntr.com/bounties/39811836-c5b3-4999-831e-46fee8...

CVSS V3.1

Score:

10

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Changed

Timeline

👾
Exploit known to exist
Jun 10, 2024
📰
First article discovered by SecurityWeek
Jun 10, 2024
Vulnerability published
Jun 6, 2024
Vulnerability Reserved
May 29, 2024

.