Plattform
python
Komponente
onnx
Behoben in
1.15.1
1.16.0
CVE-2024-27318 is a Directory Traversal vulnerability discovered in ONNX Runtime versions up to and including 1.9.0. This vulnerability allows attackers to potentially read arbitrary files on the system by manipulating the external_data field within tensor protos. The root cause lies in insufficient validation of file paths, enabling a bypass of a previous patch intended to address CVE-2022-25882. A fix is available in version 1.16.0.
The Directory Traversal vulnerability in onnx allows an attacker to read arbitrary files on the system where the onnx model is being processed. This could lead to the exposure of sensitive data such as configuration files, credentials, or even source code. The attacker's ability to read arbitrary files depends on the permissions of the process running the onnx model. This vulnerability bypasses a previous mitigation for CVE-2022-25882, indicating a potential for similar exploitation patterns. The blast radius extends to any application utilizing vulnerable onnx models, potentially impacting machine learning pipelines and inference services.
CVE-2024-27318 was publicly disclosed on 2024-02-23. The vulnerability bypasses a previous fix for CVE-2022-25882, suggesting a potential for similar exploitation techniques. Currently, there are no known active campaigns targeting this vulnerability, but the availability of a public proof-of-concept increases the risk of exploitation. The EPSS score is likely medium, given the bypass nature and potential for widespread impact.
Organizations deploying ONNX Runtime in production environments, particularly those using it for machine learning inference with untrusted data, are at significant risk. This includes developers integrating ONNX Runtime into their applications and those relying on shared hosting environments where the ONNX Runtime installation may be managed by the provider.
• python / supply-chain:
import os
import subprocess
# Check ONNX Runtime version
result = subprocess.run(['onnxruntime', '--version'], capture_output=True, text=True)
version = result.stdout.splitlines()[0]
if version <= '1.9.0':
print("ONNX Runtime version is vulnerable.")• generic web: Check for ONNX Runtime endpoints exposed in your web application. Use curl to probe for potential file access vulnerabilities.
curl 'http://your-application/onnxruntime/model?external_data=/etc/passwd'disclosure
Exploit-Status
EPSS
0.41% (61% Perzentil)
CVSS-Vektor
The primary mitigation for CVE-2024-27318 is to upgrade the onnx package to version 1.16.0 or later. If upgrading is not immediately feasible, consider implementing input validation on the externaldata field to restrict the allowed file paths. Additionally, restrict the permissions of the process running the onnx model to minimize the potential impact of a successful exploit. Review and update any existing WAF rules to detect and block requests containing malicious file paths in the externaldata field. After upgrading, confirm the fix by attempting to load a model with a crafted external_data path and verifying that access is denied.
Actualice la biblioteca onnx a una versión posterior a la 1.15.0. Esto se puede hacer usando el gestor de paquetes pip con el comando: `pip install --upgrade onnx`. Asegúrese de verificar que la actualización se haya realizado correctamente y que la nueva versión esté en uso.
Schwachstellenanalysen und kritische Warnungen direkt in deinen Posteingang.
CVE-2024-27318 is a Directory Traversal vulnerability affecting ONNX Runtime versions up to 1.9.0, allowing attackers to read files outside the intended model directory.
You are affected if you are using ONNX Runtime versions 1.9.0 or earlier. Upgrade to version 1.16.0 or later to resolve the vulnerability.
Upgrade to ONNX Runtime version 1.16.0 or later. If upgrading is not possible, implement strict file access controls and validate external data.
Public proof-of-concept exploits are emerging, indicating a potential for active exploitation.
Refer to the ONNX Runtime GitHub repository for updates and advisories: https://github.com/microsoft/onnxruntime
Lade deine Abhängigkeitsdatei hoch und erfahre sofort, ob dich diese und andere CVEs treffen.
Lade deine requirements.txt-Datei hoch und wir sagen dir sofort, ob du betroffen bist.