A critical vulnerability has been identified in the modelscope/ms-swift library, affecting multiple products from The. This flaw allows a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system by sending specially crafted data, potentially leading to a full system compromise, data theft, or service disruption. Due to the critical severity (CVSS 9.8), immediate remediation is required to prevent exploitation.

The vulnerability exists due to insecure deserialization of untrusted data within the load_model_meta() function of the ModelFileSystemCache() class. An attacker can craft a malicious input, such as a malicious model file, containing a serialized object. When the application processes this input using the vulnerable function, it deserializes the object, which triggers the execution of arbitrary code with the privileges of the application service account.

This vulnerability is rated as critical severity with a CVSS score of 9.8. Successful exploitation could result in a complete compromise of the affected system's confidentiality, integrity, and availability. An attacker could exfiltrate sensitive data, install ransomware, manipulate or destroy critical information, or use the compromised host as a pivot point to attack other systems within the network. The business risks include significant financial loss, reputational damage, operational downtime, and potential regulatory penalties.

Immediate Action: All systems running the affected software must be updated to the latest version immediately, as recommended by the vendor. This will patch the insecure deserialization flaw. After patching, verify that the application is functioning as expected.

Proactive Monitoring: System administrators should actively monitor for signs of exploitation. Review application and system logs for any unusual errors or stack traces related to the load_model_meta() function. Monitor for unexpected outbound network connections, new processes spawned by the application, or unauthorized file modifications on the server.

Compensating Controls: If immediate patching is not feasible, implement the following controls to reduce risk:

• Restrict access to the application to only trusted users and networks.
• Deploy a Web Application Firewall (WAF) with rules designed to detect and block common deserialization attack patterns.
• Run the application with the lowest possible user privileges to limit the impact of a potential compromise.
• Implement strict input validation to prevent malicious data from reaching the vulnerable function.

Public Exploit Available: false

Given the critical severity (CVSS 9.8) of this vulnerability, we recommend that organizations prioritize the immediate patching of all affected systems. The potential for complete system compromise represents an unacceptable risk. Although there is no evidence of active exploitation at this time, the public disclosure of this flaw means that exploitation is imminent. All internet-facing systems should be considered top priority for remediation.