Critical RCE Vulnerabilities in AI Inference Engines Expose Meta, Nvidia and Microsoft Frameworks

Source: Cyber Security News

Oligo Security researchers uncovered a series of dangerous Remote Code Execution (RCE) vulnerabilities affecting critical AI frameworks, collectively termed “ShadowMQ.” The flaws stem from an unsafe combination of ZeroMQ (ZMQ) communications and Python’s pickle deserialization: data received on unauthenticated network sockets is unpickled directly, which lets anyone who can reach the socket execute arbitrary code on the host. The issue first surfaced during an analysis of Meta’s Llama Stack, and the same pattern was later found replicated across NVIDIA’s TensorRT-LLM, vLLM, SGLang, and Modular’s Max Server, making the threat both widespread and severe.

Several of the flaws have been assigned CVE identifiers and rated critical, including CVE-2024-50050 for Meta, with CVSS scores approaching 9.8. Exploitation can allow attackers to escalate privileges, exfiltrate sensitive data, or repurpose compromised systems for cryptocurrency mining. Although some organizations have released patches, notable vulnerabilities remain unpatched, particularly in Microsoft’s Sarathi-Serve and SGLang. Organizations are urged to apply available fixes immediately, avoid deserializing untrusted data, and restrict access to ZMQ communication channels.
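The deserialization side of the advice above, as an added example that is not code from Oligo’s report or from any of the named frameworks: the vulnerable pattern (unpickling whatever the socket delivers) next to a hardened loader that refuses to resolve any global, so no callable can be reached during unpickling. The function names and the sample messages are constructed for illustration.

```python
import io
import pickle
import collections

# Vulnerable pattern behind ShadowMQ: bytes read from the ZMQ socket are
# handed straight to pickle (what zmq's socket.recv_pyobj() does), so any
# global referenced by the stream is imported and invoked while loading.
def unsafe_loads(data: bytes):
    return pickle.loads(data)

# Hardened loader: refuse to resolve *any* global. Plain containers and
# scalars (dict, list, str, int, float, bytes) need no import and still load;
# anything that would import a module, even a harmless stdlib class such as
# collections.OrderedDict, is rejected before it can be constructed.
class _NoGlobalsUnpickler(pickle.Unpickler):
    def find_class(self, module, name):
        raise pickle.UnpicklingError(
            f"refusing to resolve global {module}.{name} in untrusted pickle")

def safe_loads(data: bytes):
    return _NoGlobalsUnpickler(io.BytesIO(data)).load()

def is_safe_pickle(data: bytes) -> bool:
    """True if the stream references no globals, i.e. safe_loads accepts it."""
    try:
        safe_loads(data)
        return True
    except pickle.UnpicklingError:
        return False

# Constructed sample inputs: an ordinary request payload, and a stream that
# references a stdlib class (benign here, but it takes the same code path a
# hostile pickle would use to reach an arbitrary callable).
PLAIN_REQUEST = pickle.dumps({"prompt": "hello", "max_tokens": 16})
GLOBAL_REF = pickle.dumps(collections.OrderedDict(a=1))

if __name__ == "__main__":
    print(safe_loads(PLAIN_REQUEST))   # {'prompt': 'hello', 'max_tokens': 16}
    print(is_safe_pickle(GLOBAL_REF))  # False
```

Refusing all globals removes the code-execution primitive but not resource exhaustion from oversized or deeply nested streams, so the article’s other recommendations, restricting who can reach the ZMQ socket and preferring a non-executable format such as JSON, still apply.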

Read the original: Cyber Security News