CVE-2024-2912

Insecure Deserialization Leading to RCE in bentoml/bentoml

  • Severity Score: 10.0 (CVSS v3.1)
  • Exploit Likelihood (EPSS):
  • Affected Versions (CPE):
  • Public Exploits: 0 (Multiple Sources)
  • Exploited in Wild: - (KEV)
  • Decision: Attend (SSVC)

Descriptions

An insecure deserialization vulnerability exists in the BentoML framework, allowing remote code execution (RCE) by sending a specially crafted POST request. By exploiting this vulnerability, attackers can execute arbitrary commands on the server hosting the BentoML application. The vulnerability is triggered when a serialized object, crafted to execute OS commands upon deserialization, is sent to any valid BentoML endpoint. This issue poses a significant security risk, enabling attackers to compromise the server and potentially gain unauthorized access or control.

*Credits: N/A
CVSS Scores
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Changed
  • Confidentiality: High
  • Integrity: High
  • Availability: High
* Common Vulnerability Scoring System
SSVC
  • Decision: Attend
  • Exploitation: PoC
  • Automatable: Yes
  • Tech. Impact: Total
* Organization's Worst-case Scenario
Timeline
  • 2024-03-26 CVE Reserved
  • 2024-04-16 CVE Published
  • 2024-04-16 EPSS Updated
  • 2024-08-01 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-1188: Initialization of a Resource with an Insecure Default
CAPEC
Affected Vendors, Products, and Versions
Vendor    Product           Version             Other  Status
Bentoml   Bentoml/bentoml   >= 1.2.0 <= 1.2.4   en     Affected