Deserialization Vulnerability in Keras Framework by Keras Team
CVE-2025-49655
Key Information:
Badges
What is CVE-2025-49655?
CVE-2025-49655 is a deserialization vulnerability identified in the Keras framework, a popular library used for building and training machine learning models. This issue affects versions 3.11.0 through 3.11.2 of the Keras framework, allowing a maliciously crafted Keras file that contains a TorchModuleWrapper class to execute arbitrary code on a user's system when the file is loaded. Notably, this occurs even if safe mode is enabled, making the vulnerability particularly concerning. The potential for exploitation is present through both local and remote file uploads, which could allow attackers to manipulate systems and compromise sensitive data.
Potential impact of CVE-2025-49655
-
Arbitrary Code Execution: This vulnerability enables attackers to execute arbitrary code on the user's machine, which can lead to unauthorized activities, data manipulation, or the deployment of additional malicious software.
-
System Compromise: If exploited, CVE-2025-49655 can allow attackers to gain control over affected systems, potentially leading to broader network infiltration and exploitation of connected resources.
-
Data Breach and Loss: The execution of unauthorized code may facilitate data breaches, risking exposure of sensitive information or intellectual property, which can have legal and financial repercussions for organizations.
Affected Version(s)
Keras 3.11.0 < 3.11.3