プラットフォーム
python
コンポーネント
comfyanonymous/comfyui
修正版
0.3.41
CVE-2025-6107 is a vulnerability affecting ComfyUI versions 0.3.40 through 0.3.40. This issue involves the manipulation of dynamically-determined object attributes within the set_attr function located in /comfy/utils.py. A remote attacker could potentially exploit this flaw. A fix is available in version 0.3.41.
The vulnerability lies in the set_attr function, which allows for the dynamic setting of object attributes. An attacker could leverage this to modify the behavior of ComfyUI, potentially leading to arbitrary code execution or denial of service. While the complexity of the attack is considered high, the public disclosure of the exploit increases the risk of exploitation. The ability to launch the attack remotely expands the potential attack surface, making systems running vulnerable versions of ComfyUI susceptible to compromise.
This vulnerability was publicly disclosed on 2025-06-16. The vendor, comfyanonymous, was contacted but did not respond. The exploit's public availability and relatively high complexity suggest a moderate risk of exploitation. No KEV listing or EPSS score is currently available. The description indicates the exploit has been disclosed, increasing the likelihood of exploitation.
Users running ComfyUI version 0.3.40 are at direct risk. This includes individuals and organizations utilizing ComfyUI for AI image generation and experimentation. Shared hosting environments where ComfyUI is deployed could also be affected, potentially impacting multiple users.
• python / ComfyUI:
import os
import subprocess
# Check ComfyUI version
process = subprocess.Popen(['comfyui', '--version'], stdout=subprocess.PIPE, stderr=subprocess.PIPE)
stdout, stderr = process.communicate()
version = stdout.decode('utf-8').strip()
if version == '0.3.40':
print('Vulnerable ComfyUI version detected!')
else:
print('ComfyUI version is not vulnerable.')• python / ComfyUI: Monitor file system for modifications to /comfy/utils.py
import os
import time
file_path = '/comfy/utils.py'
while True:
try:
last_modified = os.path.getmtime(file_path)
time.sleep(60) # Check every minute
current_modified = os.path.getmtime(file_path)
if current_modified != last_modified:
print(f'File {file_path} has been modified!')
break
except FileNotFoundError:
print(f'File {file_path} not found.')
breakdisclosure
patch
エクスプロイト状況
EPSS
0.07% (21% パーセンタイル)
CISA SSVC
CVSS ベクトル
The primary mitigation is to upgrade ComfyUI to version 0.3.41 or later, which contains the fix for this vulnerability. If upgrading is not immediately feasible, consider implementing input validation on the attributes being set within the setattr function to restrict the values that can be assigned. While a direct WAF rule is unlikely, monitoring network traffic for unusual requests targeting /comfy/utils.py could provide early warning signs of exploitation attempts. After upgrading, confirm the fix by attempting to trigger the vulnerable setattr function with malicious input and verifying that it is properly handled.
動的に決定されるオブジェクト属性の脆弱性を修正した comfyui のパッチバージョンにアップデートしてください。利用可能なバージョンがない場合は、/comfy/utils.py ファイルに手動でパッチを適用するか、アップデートが公開されるまで影響を受ける機能を無効にすることを検討してください。
脆弱性分析と重要アラートをメールでお届けします。
CVE-2025-6107 is a vulnerability in ComfyUI versions 0.3.40–0.3.40 that allows attackers to manipulate object attributes, potentially leading to code execution or denial of service.
You are affected if you are running ComfyUI version 0.3.40. Upgrade to version 0.3.41 to mitigate the risk.
Upgrade ComfyUI to version 0.3.41 or later. If immediate upgrade is not possible, implement input validation on attribute settings.
The exploit has been publicly disclosed, increasing the likelihood of exploitation. Monitor your systems for suspicious activity.
Refer to the comfyanonymous GitHub repository for updates and advisories related to CVE-2025-6107.
requirements.txt ファイルをアップロードすると、影響の有無を即座にお知らせします。