Platform: java
Component: h2oai/h2o-3
CVE-2023-6016 is a critical Remote Code Execution (RCE) vulnerability discovered in H2O, a popular machine learning platform. This vulnerability allows an attacker to execute arbitrary code on a server hosting the H2O dashboard by exploiting the POJO model import feature. All versions of H2O up to the latest are affected. A fix is available; upgrading is the recommended remediation.
The impact of CVE-2023-6016 is severe. Successful exploitation allows an attacker to execute arbitrary code with the privileges of the H2O process on the affected server. This could lead to complete system compromise, including data exfiltration, malware installation, and lateral movement within the network. The POJO model import feature provides a direct attack vector, making exploitation relatively straightforward if an attacker can upload a malicious model. This vulnerability shares similarities with other deserialization vulnerabilities where untrusted data is processed without proper sanitization, potentially leading to arbitrary code execution.
CVE-2023-6016 was publicly disclosed on November 16, 2023. While no active exploitation campaigns have been definitively confirmed, the CRITICAL severity and ease of exploitation suggest a high probability of exploitation. The vulnerability is not currently listed on the CISA KEV catalog. Public proof-of-concept (POC) code is likely to emerge, increasing the risk of widespread exploitation.
Exploit Status
EPSS: 68.24% (99th percentile)
CVSS Vector
The primary mitigation for CVE-2023-6016 is to upgrade to a patched version of H2O as soon as possible. If immediate upgrading is not feasible, consider restricting access to the H2O dashboard to trusted users only. Implement strict input validation on any data imported into the H2O platform, particularly when dealing with external models. Network segmentation can also limit the blast radius of a potential compromise. After upgrading, confirm the fix by attempting to import a known-safe POJO model and verifying that no unexpected code execution occurs.
Update the H2O library to a version that has addressed the remote code execution vulnerability via POJO model import. Refer to the H2O release notes for details on the patched version. Ensure you validate and sanitize any user-provided input before importing it as a POJO model.
CVE-2023-6016 is a critical Remote Code Execution vulnerability in H2O, allowing attackers to execute arbitrary code via the POJO model import feature.
Yes, all versions of H2O up to the latest are affected by this vulnerability. If you are using H2O, you should assess your risk and apply the available patch.
The recommended fix is to upgrade to a patched version of H2O. If upgrading is not immediately possible, restrict access to the dashboard and validate model imports.
While no active exploitation campaigns have been definitively confirmed, the CRITICAL severity and ease of exploitation suggest a high probability of exploitation.
Refer to the official H2O security advisory for detailed information and patching instructions: [https://www.h2o.ai/security/advisories/](https://www.h2o.ai/security/advisories/)